Hello, I have a problem much strange, yesterday have received one mail
containing the following message:
Declude Virus v1.60 caught the [Outlook 'CR' Vulnerability] virus in [No
attachment]
OK, that E-mail contained the Outlook 'CR' Vulnerability.
then me arrived second mail containing a
I don't see why we need a separate keyword to turn allow on or off.
As soon as declude sees an ALLOWEXT, all attachments that aren't
specifically given an ALLOWEXT line would be blocked. All BANEXT lines
after that would be ignored.
This is what we are thinking of.
[1] Keep the
Can I use the %VIRUSFILE% variable in my BANnotify.eml file? So far, my
tests show Unknown File for the %VIRUSFILE% variable. ie. Your
message attachment, Unknown File, is not allowed. Attachments of type
.EXE are restricted.
That's because no virus was detected in the E-mail; the
Hello Scott John and thanks for your attention, I am concorde that on
these computers not are not virus but only present vulnerability in the
mail-reader, in order to resolve the problem I can make to upgrade the
mail-reader that they find themselves on the computers in issue? or which
other
Hi Scott, but if I decided not to block this type of mail, as I could make?
which configuration I would have to modify? still thanks.
You can use the BANCRVIRUSES OFF setting, but that will disable detection
of all the vulnerabilities. This will also likely cause future viruses to
be
At one point you talked about detection of double file extensions. Was
that ever implemented?
It's a good idea, but tough to implement properly. The problem is with
filenames such as www.yahoo.com.url, and spreadsheet.2002.nov.xls. So
adding such detection would get a bit complicated.
Wouldn't the double extension just get blocked by the exe rule?
It would, if you block .exe files (which many ISPs can't do, for
example). For people that don't block .exe files, the *.*.exe blocking
could be useful.
-Scott
---
[This E-mail was scanned for
Is the syntax then?
BANEXT *.*.exe
No. That will literally ban E-mails with an extension of *.*.exe, which
no E-mail will have (since the extension in such a file is actually exe).
-Scott
---
[This E-mail was scanned for viruses by Declude Virus
I just received this form our scanner.
Usually it is followed by the transfer document to which it refers.
Today it deleted it.
What does the sender need to do to remedy this vulnerability?
The sender most likely needs to get an updated version of the software that
they use to send the
When we are running two scanners, is there a way to know which one caught
a particular virus? And if knowing that one caught more than the other,
would there be an advantage of placing it first in the sequence?
If you use LOGLEVEL MID, you'll see in the logs which scanner detected the
Duh. I see now. Interesting - in this one (below) Scanner 1 (F-Prot)
reported Lentin and Scanner 2 (McAfee) says Yaha. I see what you mean now
about no advantage of order of scanner. I was kinda wondering if scanner
1 found something, whether it invoked the second scanner or just went
Just wanted to gain some additional knowledge from the forum on the
following. With the Klez virus (among others), it is widely known that
the from address will most likely be spoofed. However, if you look at
the full header, does Klez and the like, also attempt to spoof the IP
address in
At first I was going to write:
Just upgraded f-prot from 3.11a to 3.12c and now I noticed that a Lentin.F
virus was found in a file attacment with the .txt extention.
Then, because I had a look again at this e-mail when it was reformatted with
CR's I noticed the .bat about 100 spaces later.
I opened up the Imail Client on the default domain and emailed my username
on my domain (which is included in the virus domains file as ON). I
received the email and the virus attached to the email.
I believe the IMail Client deals with the mailboxes directly, bypassing the
standard
RSP he Test Virus Sender at http://www.declude.com/tools first
One thing I wish you'd add to that program is the ability to send mail
directly to an address such as [EMAIL PROTECTED] - It
reports no mx records for mail.example.com even though
mail.example.com may be an mx record.
It would
I'm getting a boatload of xmascottage.shs , christmas.shs types of files.
These are banned extensions, but not detected by F-prot. I'm very
suspicious
of these - any other experiences?
You're right to be suspicious of these
attachments.
I just installed the newest version of Declude and I am seeing this from
my virus notification email:
snip
The attachment is [Outlook 'MIME segment in MIME Preamble'
Vulnerability]
What is the mime preamble vulnerability? (reader's digest version is
fine)
It is a recently discovered
We are testing two virus scanners with Declude Pro and wanted to confirm
or thoughts. Is it true that the scanners scan the file first, whether
you have one, two, or five and then once done, the action on the virus is
taken (i.e. quarantined)?
That is correct. Declude Virus Pro will check
How do you explain the [Partial Vulnerability] virus to a user?
Something like Back in the old days, E-mails were limited to 50K each, and
large files had to be broken down among several smaller E-mails. For year
now, however, E-mails haven't been limited to a specific size, and so
people
I got this today and have a question.
- Declude Virus v1.65 caught the [Outlook 'MIME Header' Vulnerability]
virus in CLEAR.pif from [EMAIL PROTECTED] to:
Does Declude check for the vulnerabilities and if one is found that's
it? No virus check?
It checks for both vulnerabilities and viruses
While going through my logs, I noticed a lot of lines like this:
12/19/2002 09:14:11 Qd43109d000d4e8d9 Found a bogus .jpg file
I see it's pointing to the same message, but was just curious to know
how common this is?
What version of Declude Virus are you running?
That log file entry
I saw a few weeks ago about a thread discussion that talked about
the 'catching' of double layered extension files (i.e. file.shs.txt),
however I couldn't find it in the archive. I wanted to see if these
indeed get caught as banext (i.e. shs) , as I think this maybe a dull
point if
Thanks for the aid on other question. We currently have the
virus footer disabled, but I have one client who would like a footer
added to his email that it was scanned for viruses. Is there a way to do
this except globally in the virus.cfg file? Again, thank you.
Unfortunately,
That log file entry is part of an experimental system in Declude Virus
designed to find files that aren't what they claim to be (for example, if
someone renamed an .exe file to a .jpg extension). However, I believe
there was a recent beta that would falsely detect these bogus files. In
I have turned BANCRVIRUSES OFF but it is still catching the Mime header
vulnerability. I know I should not turn it off but until the developer fixes
the code I have got to let this stuff get through. Any ideas why it wouldn't
be working? I know it is reading the current config because the
thanks for the download but it is still getting caught. What am I missing? I
replaced the exe and ran the exe and see the new version in the email
output. Ideas?
What is the *exact* name of the vulnerability that is getting caught?
If you type \IMail\Declude -diag (*EXACTLY* like that) from a
Was just curious what this meant. Have never seen this before.
X-Spam-Tests-Failed: MONKEYFORMMAIL
The X-Spam-Test-Failed: line shows a list of the spam tests that the
E-mail failed. In this case, the E-mail failed the MONKEYFORMMAIL
test. You can go to
Reading some of the archives suggested that if using F-Prot it was best to
use the fpcmd.exe over the f-prot.exe due to some errors encountered with
using f-prot.exe
12/20/2002 12:59:44 Q5a90002f0078444b Starting scanner #1:
C:\Progra~1\FSI\F-Prot\fpcmd.exe
/TYPE /SILENT /NOMEM
During the initial setup of Declude Virus we copied down the
virus_domain.txt and the virus_users.txt file and placed them in the
Declude directory. Since then, by default, we are scanning all
incoming/outgoing email for all domains. Is it more efficient (hence
faster scans) for
http://www.extremetech.com/article2/0,3973,799187,00.asp
Scott, any chance of Declude Virus detecting this?
No.
The problem is that a buffer overflow exploit requires not just decoding
the Flash attachment, but it also requires analyzing the attachment (which
would be extremely difficult
So, what is the best way to avoid having Declude attempt to send a virus
notice to it when it is sending to %ALLRECIPS%? Or can it be coded so the
%ALLRECIPS% will not include copyall_account? That would also explain why I
am seeing a blank first recipient on our match program log.
The next
Yes, the virus messages are getting caught and being put in the virus
directory. The notifications aren't being sent. Should I stop the SMTP
service (or run Declude again) and test? OR are there other suggestions?
Do you still have the \IMail\Declude\*.eml files (such as
Thanks for the help. I made sure that the From, To, Subject were first
in the .eml files and the eicar test sent the message.
You need to look at the file more carefully.
You *MUST* have the From:, To:, and Subject: lines *BEFORE* the first blank
line. That's the most important thing to
Anyone seen this before?
The Anti Virus v1.65 caught the Unknown Virus virus in Unknown File
from: to: [EMAIL PROTECTED]
Date: 01/02/2003 20:54:23
Subject:Mail delivery failed: returning message to sender
Spool File: Dfb5d794201f0d528.SMD
Remote IP: 64.29.18.233
It sounds like
I think my users are getting bombarded with klez. The email is as follows
Hi,
I just came across this funny screensaver..
sending it to u.. hope u like it..
check out and die laughing.. :)
Actually, I believe that is Yaha.
Klez.H is the most common world-wide spreading worm.It's very
I noticed my mcafee desktop scanner is not getting it either and I just
bought this version
In that case, it may be that they are corrupt, non-viable variants of the
original virus. Some viruses will become corrupt for some reason (either
due to the virus itself, or the way it bounces),
Is there a way to either globally allow Outlook 'MIME header'
Vulnerability from a certain remote address?
No.
If that's not possible, how do you globally allow mail to pass unscanned
from a certain remote user? Or does it *need* to be on a per-local-domain
basis?
You would have to
I have the .mbx file with the infected mail in it. What address do
you me to send it to.
If you could send it to [EMAIL PROTECTED], that would be great.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail
I was wondering if anyone knew what the RFC was for how the DNS
should be configured (MX and Reverse DNS) for an internet e-mail server.
It would be nice to quote from it when I e-mail the postmasters of
legitimate servers which aren't configured correctly.
There isn't a single
possibly i've put them in the wrong file? I currently have it in the
sender.eml file
That will prevent the notifications from getting sent to the sender.
or should I just put all of these into the recip.eml also?
You can put some or all of them in the recip.eml file, depending on which
I have recently found that new Outlook web calendars are not working
properly for my email users. When I thought back, it seems like it happened
when I added Declude Virus to the server that they may have stopped working.
Could it be declude opening the email to add the tagline, scanned by etc.,
Thanks Scott, that was what I thought it may be.
And to disable the footer message I would just delete the lines in
virus.cfg???
That is correct.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the
If I want to skip the virus W32/Sobig.A@mm (that is the name with which
f-prot is recognizing it), it is OK to add this line:
SKIPIFVIRUSVIRUSNAME Sobig
or it should be:
SKIPIFVIRUSVIRUSNAME Sobig.A@mm
The SKIPIFVIRUSNAMEHAS option just looks for a partial match, so either one
would work.
If the eMail [EMAIL PROTECTED] is blocked at the Imail SMTP KILL list - will
Declude ever see the eMail?
No, Declude will not see the E-mail if you add [EMAIL PROTECTED] to the IMail
Kill List. That will block the E-mail before it is even sent.
-Scott
---
[This E-mail
Scott, can I still just use f-prot.exe for scanning or do I have to use
fpcmd.exe?
F-Prot.exe will work fine for virus scanning. There are a *few* servers
that have problems with 16-bit programs that cause performance issues under
heavy volume (that fpcmd.exe fixes), but if you were not
Scott, do you have a web page with a list of all available options -with
examples if possible- to set at the begining of the E-Mail template files.
It would be very useful for reference.
We are planning to add a section to the manual that lists all of them, but
do not have a section for them
Any word on being able to have custom email templates on a per-domain or
per-group basis?
We're working on it. :)
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing
I hope you understand when I say.. its hard for me to concieve of renewing a
support agreement when your product isn't even fully documented..
The problem here is that there are some options that we added typically for
individual users at their request, which are available in the latest
I hope you understand when I say.. its hard for me to concieve of renewing a
support agreement when your product isn't even fully documented..
The manual ( http://www.declude.com/virus/manual.htm ) has been updated to
include all the commands that can be used in the E-mail notification
I was looking through the manual the other day for the command line option
to see which version I have and could not find it. I tried every - / and ?
help info combination I could think of and couldn't find it. Did I just
miss it?
The declude.exe file isn't meant to be run manually, as IMail
Q: For the SKIPIFRECIP option, I should use one option per domain.Right ?
Example:
SKIPIFRECIP @domaina.com
SKIPIFRECIP [EMAIL PROTECTED]
SKIPIFRECIP @domaind.com
That is correct.
I suggest something like:
SKIPIFRECIP [EMAIL PROTECTED]
or
SKIPIFRECIP @example.com
---
same goes for
This weekend we moved our mail server to a new machine and now we have
had Klez slip through our mail system (and many more I assume).
The new box is running w2k, Imail 7.13, Declude ver 1.62, and McAfee
Netshield on the server (engine version 4.1.6 and the latest dat files).
I have duplicated
Declude Virus v1.66i5 caught the Unknown Virus virus in Unknown File from
to: [EMAIL PROTECTED]
Unknown Virus will occur if your virus scanner detects a virus, but does
not report the name of it (or does not report the name of it
properly). This will also appear if the attachment is
Yes, IMail was processing mail through that period. We started receiving
messages at our desktops that did not contain any declude headers, and that
was my first indication that something was wrong. The log even shows SMTP
refusals based on entries in my kill.lst file, so I'm guessing that IMail
I loaded 1.66 and the copy of fpcmd.exe from out of fp-win_312d_m.exe on
Monday morning. Since then my log files have grown dramatically, mostly from
the inclusion of countless lines like these:
01/20/2003 12:55:00 Q37e6146 Could not find parse string Infection in
report.txt
01/20/2003 12:55:01
Yep. I changed the name of the old one and dropped the new one right in its
place. I'm going to get a fresh copy of 3.12D and repeat the install, and do
some more Eicar testing and get this right.
If you want, you can use the debug mode (LOGLEVEL DEBUG) until at least
one E-mail is scanned,
I'm wondering if I can somehow disable this test, or possibly weaken it etc
Your only option is to disable vulnerability detection completely, which
will almost certainly allow future viruses through.
When it comes to vulnerabilities, it is best to just fix the problem.
The headers are
Sure - should of thought to give that on the first shot...
Actually, I should have caught this without looking at the logs -- for some
reason, I was thinking of a different issue. The problem is:
--=_NextPart_000_0005_01C2045D.33A4E770
Content-Type: text/plain;
I have a question, in declude junkmail, declude has the ability to add
header information to the e-mail to show what tests the mail failed,
etc. I was wondering if it is possible to do the same with virus
e-mails. We quarantine virus, banned ext, and spam e-mails for review,
we currently use
Thanks, Scott, last question for the day...
Can I use the SKIPIFVIRUSNAMEHAS on a vulnerability?
Yes, you can.
As in, add a line that says.
SKIPIFVIRUSNAMEHAS Vulnerability (provided I spell it correctly which
I'm not sure I did here)
That will work fine. :)
Do you all send out the
Our clients run a full system scan every night and when it does it finds the
following virus:
www.myparty.yahoo[1],W32.Myparty@mm
index[4].html,Trojan Horse
The location is in the users temporary internet files folder.
If the file is in the temporary Internet files folder, and is a .html
Just want to make sure on this... does this virus forge the sending
address? If so, is it an address taken from the infected address book like
K L E Z?
Yes and (most likely) yes.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus
01/28/2003 07:37:19 Q8789130 (Error 5 at 4154a6 v1.66)
01/28/2003 07:37:19 Q8789130 (log part 2 saved as C:\declude.gp2)
01/28/2003 07:37:19 Q8789130 (log part 1 saved as C:\declude.gp1)
What do these mean? We get them ALL the time now.
If you upgrade to the latest interim release (
Thanks. It took care of the problem.
(Do you need my .gp_ files anyways, or not?)
Not in this case, as there was sufficient information with the Error 5 at
4154a6 v1.66.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus
Since upgrading to 1.66 I have been getting NOTICE=FAILURE,DELAY errors like
crazy. I just upgraded to the 166i version. Will this take care of this
problem as well?
That's actually not a problem -- that's just standard IMail (SMTP,
actually) behavior. A mailserver will send the
I had never noticed it before :)) I am however losing emails and that is
the only reason given for the particular email. I have the sender send one
to my personal (off server) account and it comes through with no problem.
What do the log files show for the E-mail that is lost? Note that the
What are the meanings of the settings LOW/MED/HIGH for the LOGLEVEL function
within virus. cfg?
LOGLEVEL LOW is the default, and will report standard information.
LOGLEVEL MID will report extra information (such as To:/From:/Subject:)
LOGLEVEL HIGH will record the most information possible
Had a curious instance of what looks like Yaha come through my mail server
today, got through Declude/F-Prot including my BANEXT SCR setting (file
came through as shake.scr) all the way to an email box where my client
found it.
Header in email message had:
X-Mailer: Microsoft Outlook
Do you still have the E-mail in the .mbx file (which we can use to test
here)?
I'm trying to get it from my client, at the moment, no
Actually, it is the .mbx file on the IMail server that I would need --
that's the one that has all the raw E-mail headers in it (once it reaches
the client,
I don't have the original .mbx, but I was able to have the client forward
the message to me, and it got through, and I have it in an .mbx of mine -
is that still useful? If yes, where should I send it?
If it wasn't caught when they forwarded it to you, the .mbx file would be
useful (you can
I just sent that .mbx to the virustrap email - it's the only message in
the box - thanks for your help
I just tested the E-mail here, and it does not get caught with v1.61 or
v1.62 (both betas), but will get caught with v1.63 or higher. If you
upgrade to v1.65 (at
Are we safe from these?
http://www.messagelabs.com/viruseye/report.asp?id=130
Yes and no. :)
Declude Virus has for at least a year been able to properly process E-mails
that contain that vulnerability. That means that if a virus is spread
using the vulnerability, and your virus scanner
Looks like they are having problems with their Imai AntiVirus. Uhmm.. that
happens when you don't use Declude :-)
OK Scott, what did you do to their server? ;)
You caught me -- I neglected to urge them to run Declude Virus on their
live servers.
-Scott
I have a few customers complaining of attachments getting stripped from
their emails. .jpg, .gif. and .doc files
No viruses are detected, but what else could be stripping the attachments.
In this case, you should check first that [1] The attachments really aren't
there, and [2] Any firewalls
Here is the problem we are having. We are using Grisoft AVG as our virus
scanner, and declude virus to interact with IMail 7.13.
We contstantly get SMTP32.EXE errors, as well as NTVDM.EXE errors.
This is a known problem with IMail -- you can go to
http://www.declude.com/dq.htm for an
I am trying to figure out how IMail calls Declude to help it scan for
viruses. Is this some sort of setting in IMail? Where is it located in the
IMail administration screens?
It is either handled by a registry entry, or on the Advanced tab of the
SMTP settings (if you are running IMail
Scott.. one more time for me? What do I need to tell godaddy software, a
registrar, about there email client?
You can tell them that their mail client is sending out E-mail containing a
dangerous vulnerability (one that viruses can use to bypass mailserver
virus scanners). Specifically, it
I am new to IMail and am using Declude to scan for e-mail and viruses.
over the last few months the scanners have been letting more and more
viruses and spam through, anyone have any suggestions?
Have you been running Declude for several months, or are you referring to
other software? What
We are running Declude 1.58 on IMail 7.13. We have been running this setup
since July. We originally had a gentleman who handled the mail server
duties but unfortunately we had to let him go. Since his departure I have
noticed a large amount of complaints from customers that are receiving
We are experiencing a lot of undeliverable messages in our virus sender
notifications. In response to this I would like to setup the templates
reply to address with an account that deletes any incoming messages
immediately.
Rather than doing that (which essentially means that you're sending
Where do I obtain the updates? I am looking on the Declude web site and
see nothing, or is it on the Imail website?
If you go to the manual at http://www.declude.com/virus/manual.htm , it has
links to the files.
-Scott
---
[This E-mail was scanned for
We have SMTP mailers from our web servers that send contact forms,
etc. to our mail server to send out. So, I've WHITELISTED all the IP
addresses within our network.
Are you referring to Declude JunkMail (Declude Virus doesn't allow
whitelisting)?
Today, I received an e-mail from
So with IPBYPASS xxx.xxx.xxx.xxx in the Global.Cfg, it will tell Declude
Junkmail that even though this IP is whitelisted, still run the spam tests
on any message from it.
No.
The IPBYPASS just tells Declude JunkMail to bypass that IP, and instead
scan the next IP address. So if you use
I regularly use the webbased email method of Imail. Here within the past
few days I've gotten email from a list or two which when clicked on comes
up with a The page cannot be displayed error and it's home page is s: (
Open the s: home page ).
Now in the past this has been some sort of klez
In this message you suggest to use fpcmd.exe instead
of f-prot.exe, i tried this, but eicar testvirus was not detected when
using fpcmd.exe.
Settings:
SCANFILEC:\Progra~1\FSI\F-Prot\F-Prot.exe /TYPE /SILENT /NOMEM
/ARCHIVE /NOFLOPPY /NOBOOT /DUMB /REPORT=report.txt
If you change this
I do, but I thought somewhere in the history Declude working with the F-Prot
Real Time Scanner.
Declude Virus will not work properly with an on-access scanner unless [1]
You use the ONACCESS ON setting (which tells Declude Virus to check for
deleted files), and [2] The on-access scanner
What level logging will show the emails being sent out for virus
notifications. We are still experiencing an issue with two or more
people needing to be notified, in our case, only one is receiving the
email (postmaster.eml). Thanks for the aid.
Only the debug mode will show that
I am looking for suggestions to reduce the amount of resources that
Imail/Declude use. We are a small ISP and now and then we get hit hard by
a spammer mass mailing our users ( which equal ~20,000 ) and we get hit
our mail server all but shuts down due to the mass amount of incoming mail
and
Does anyone know of a way to set the logs to go hourly? Our daily logs, set
on Low are reaching over 100 megs.
There isn't any way to set up hourly logs (at least not using Declude Virus).
In this case, though, you might want to consider adding a line LOG_OK
NONE to the
One of my servers started sending malformed headers yesterday for some
reason. Declude picked it up as a the Outlook CR Vulnerability.
I am wondering if anyone can tell me where the vulnerability is in the
attached message (attachment is a copy of what Declude Quarantined).
I do not see any
Dnsstuff.com seems down
It's been very finicky today, but is back online.
Also, i need a command line mailer (a la imail1) that can send html files
(as attachements) any idea ?
I believe blat is the most common one -- a search for Google should find it.
We have the same problem...
Please let me know if you found a workaround...
The only workarounds are:
[1] To have the sender fix the problem, and stop sending dangerous
vulnerabilities, or
[2] Disable vulnerability detection, and allow future viruses to be
delivered unscanned.
Given the
Is there a certain reason why there is no variable containing the single
recipient of the message?
Yes -- because there is no single recipient (unless there is only a single
recipient, in which case %ALLRECIPS% will display that recipient). :)
Is there no variable containing the SMTP-Recipient
From where JM gathers the X-RCPT-TO value?
That is added by IMail, when the E-mail is being delivered.
At that point, IMail has the single E-mail with multiple recipients, and it
goes through each recipient and stores a copy of the E-mail in
their mailbox. Since it has access to the
Is there a way to add a new SKIPIFMULTIPLERECIPS criteria?
So we can send vulnerability warnings at least to single recipients.
Perhaps, but:
I mean sending the warning back to the sender so that he can force
sending is not a good solution.
%ALLRECIPS% will only include the sender if the sender
%ALLRECIPS% will only include the sender if the sender sent a copy to
himself, through your mailserver.
If you are not running an open relay, that means that the %ALLRECIPS%
notification would only go to the sender if the sender was a
user of yours.
I intended to send the warning to
A client of ours is asking if it is possible to send a notification to
[EMAIL PROTECTED] as well as a notification to the user.
Is it possible to do this for just one domain while leaving the others as
is?
Unfortunately, I can't think of any way to accomplish that for just one domain.
Scott, would it be possible to add a new feature for per domain scanning?
What I would like to see is a NONPOSTNOTICEOFF option.
What you could do instead is add a line:
SKIPIFRECIP @example.com
to the \IMail\Declude\recip.eml file, which would prevent the notification
from going
Does this go anywhere in the recip.eml file, at the top, or at the bottom.
Any commands in .eml files, along with the To:, From:, and Subject:
headers, must go at the top (anywhere before the first blank line).
-Scott
---
[This E-mail was scanned for viruses by
What you could do instead is add a line:
SKIPIFRECIP @example.com
to the \IMail\Declude\recip.eml file, which would prevent the notification
from going out if the recipient was on the @example.com domain.
Thanks. That would also have to include any alias, correct?
Actually,
401 - 500 of 1188 matches
Mail list logo