http://www.declude.com/Release/178/BANnotify.eml
I get an error when I try to download the bannotify.eml.
It tries to redirect to mhtml:http://www.declude.com/Release/178/BANnotify.eml
If you right-click on the link and choose Save Target As, it should
bypass any problems that IE may have
I haven't seen an answer to this thread. Ver 1.78 shows Waiting for
activation code, but
reinstalling 1.77 will get rid of the X-Declude-Status line. Ver 1.78
still works, but it sure is a heart-stopper to see this in a header and
think your virus protection isn't working...
The latest interim
I'm seeing this is 1.77i27 also:
1.77i27 is no longer supported -- you should upgrade to 1.78 (the latest
beta) at http://www.declude.com/virus/manual.htm , or the latest interim
release (at http://www.declude.com/interim ) which takes care of the header
in the subject of this thread.
When do you think there will be a new release version? I'm still at 1.75 and
like to stay with the release version if I can.
Very soon now. :)
We were considering having 1.78 be a release version, but given how many
changes there were from 1.77, we decided to have 1.78 be a beta. Once any
Is this version for the declude virus our all the declude products?
All the Declude products share the same Declude.exe file, so downloading
the latest interim will make sure that all the Declude products are running
the latest interim release.
Has anyone seen a lot of W32.Netsky.B slipping through?
No.
Why didn't declude tag it? I don't see any errors in the vir* logs, and
others have been getting infected notices.
What does the Declude Virus log file say for that E-mail?
-Scott
We've gotten several, here are a couple:
02/18/2004 10:33:12 Q93c835e1004873e1 Scanned: Virus Free [MIME: 2 22065]
02/18/2004 15:56:37 Qdf95a7880150b2de Scanned: Virus Free [MIME: 2 22057]
Running F-Prot, Mcafee and now AVG.
The Virus Free message means that none of the virus scanners detected a
Would it work to put
SKIPIFSENDER [Forged]
in the top of the bannotify.eml file?
No. If a virus is detected, the bannotify.eml file won't be sent out
(virus scanning takes priority over banned file extensions). Without
knowing the name of a virus, it is not possible to determine if it is a
I the logfile I can see the following 3 lines for the message causing the
bannotify message above:
02/23/2004 09:23:35 Qb88600530094b521 Scanned: Banned file extension. [MIME:
2 41]
02/23/2004 09:23:35 Qb88600530094b521 From: [EMAIL PROTECTED] To:
[EMAIL PROTECTED]
02/23/2004 09:23:35
It's Mcafee Virus Scan Ver 8.0 Build 8.0.26
There isn't a scan.exe or scan32.exe on the drive.
You'll need to do a Full Install. That should get the scan.exe installed.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail
I realize this generally does mean it's corrupt -- but you're missing the
scary part. If I scan the file that came in with the same install of
F-Prot, (from the mail server), it catches it as Netsky.
If scanning it from F-Prot on the mailserver catches it, it should get
caught when Declude
Scott, feature request: If the banned extension is zip, instead of sending
out BanNotify.eml, can Declude be configured to send BanZipNotify.eml? That
would allow flexibility to only do this for zip files.
We're looking into some options here.
I've re-installed it a couple of times but I haven't seen anywhere that
I can tell it to do a full install.
You'll need to contact McAfee then to see how to do a Full Install (or at
least how to get the scan.exe file installed).
-Scott
---
We are seeing errors in our other scanners. At first I thought Error 5
was because of F-Prot's new C release. But now we are seeing Error 9 in
AVG as well.
That means that AVG is reporting an error 9. Unfortunately, we have no
information on what will cause AVG to report an error 9. Most
Scott, if Declude Virus encounters an Error 5 with scanner 1, does it not
even attempt to run the message through the second scanner?
It should call both scanners, no matter what.
02/25/2004 08:50:21 Qd23b256a001cfa29 Could not find parse string
Infection: in report.txt
02/25/2004 08:50:21
We're seeing the same thing David did - random error 5's on the newest
F-prot. I backed off to the previous version. Is there a way to rescan
the error 5's using Declude from the command line if I create a batch file?
You could try copying the files back to the spool directory, and then
Can Declude be run from a folder other than the main IMail spool folder? -
in which case a good message would not be moved to a virus subfolder.
The Declude.exe file should be in the \IMail directory, and the scanned
files really should be in the spool. Using other directories may work, but
Thanks for the link. I called them to get a price and ran into another
brick wall.
McAfee is like that. Their normal MO, though, is to oversell, doing
everything short of blatant lying to do so.
What you may want to do is try asking them I have one computer running
Windows XYZ (for example,
I have a lot of these
any hints ?
02/24/2004 16:39:12 Q7b5e15400292c67d Error opening mime file
E:\IMAILSRVR\spool\D7b5e15400292c67d.SMD
02/24/2004 16:39:12 Q7b5e15400292c67d Scanned: Error starting scanner
The happens when Windows won't allow Declude to open the D*.SMD file for
some reason.
Would I be able to ban extensions by domain using Declude Junk Mail?
No, Declude JunkMail isn't designed to ban file extensions.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus:
I have Mcafee on access scanner, but i specificaly exclude the imail the
spool directory and all their subdirectories
Regarding the backup, the error in occuring all day long, while we only run
the backup once a day, so it cannot be that
Do you know if this is happening for all E-mails, or just
If a per user configuration is used and virus scanning is disabled for a
user, and a e-mail comes in to a local user with the disabled user as the
forged from address, will the message be scanned for viruses?
That depends on who it is sent to.
While the default will be not to scan it (since it
i have loglevel set to high and do not see the (2 scanners) line john
posted, why ?
02/23/2004 22:23:37.023 Qede8025e01a6820d Scanning files (2 scanners)
That's because that is a debug log file entry. The debug mode places a
*lot* of log file entries for each E-mail (10 to 100 times the
I was testing for the Bable.c virus to ensure that my scanners were
picking it up. I sent an email with the virus from the Imail web client
to my account on the same domain and it wasn't caught. Sending this
email back to the same account from an outlook client caught the virus.
Is this normal?
I m curious what kind of server load people have experienced with
declude. Like anyone else using this product we re on MS, I/O is quite an
issue for us and I d like to know what to expect prior to purchasing declude.
We typically find that each GHz of CPU power allows for about 100,000
I am running the latest beta 1.78.
I have the following in my virus.cfg file:
BANEXT scr
BANEXT pif
BANEXT bat
BANEXT exe
DELETEVIRUSES ON
Yet I am still seeing e-mails with .PIF extensions being held in the virus
subfolder. I'm concerned that these are
Can I configure the bannotify.eml to not send messages to the sender of
the file, but to send them only to the recipient and to me.
Not currently.
Actually, I believe this can be done, by using a line To:
%ALLRECIPS%,[EMAIL PROTECTED] in the \IMail\Declude\BANnotify.eml file.
Have you considered adding the ClamAV to the list of scanners on your site?
We should have it there soon. :)
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Catches known viruses
OK, I have it the other way around, does that matter?
No. Any E-mail addresses that appear after To: and that are separated
by commas will work.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
What was the url for the interim release that catches password protected
zip files? I managed to delete it instead of saving the thin.
http://www.declude.com/interim . You need to add a line BANEXT EZIP to
the \IMail\Declude\virus.cfg file with the latest interim, and then
password protected
Installed newest declude file and I'm still getting
(X-Declude-Status: Waiting for activation code) within the email header
Anyone know of a hack or hex editor I can use to fix this?
If you upgrade to the latest interim it will remove that line.
Installed newest declude file and I'm still getting
(X-Declude-Status: Waiting for activation code) within the
email header
If you upgrade to the latest interim it will remove that line.
Scott.. I did download and installed it..
Declude 1.78i6 (C) Copyright 2000-2004 Computerized
WARNING: Couldn't remove .vir directory
F:\IMail\spool\Ddf56c4e7006acd96.vir\: EXTRA FILES THERE.
03/02/2004 14:24:32 Qdf56c4e7006acd96 Likely problem: Your virus scanner
is leaving extra files/directories behind, so Declude can't delete the
directory.
What file(s) are left over in that
03/02/2004 15:52:16 Qf3fc18350038f46d Couldn't delete
D:\IMail\spool\Df3fc18350038f46d.vir\1.zip: 32.
This will be fixed in the next interim release.
In my bounce email, is it suppose to show ZIP-pif rather than
ZIP-theactualextension??
Yes, if it was a .PIF file that was supposed to be
I just swept the hard drives looking for the global.cfg file and there isn't
any. So.. Maybe I should reboot the server?
That won't do it.
Could those headers be generated by a remote mailserver (you may see them
on E-mails sent from this list, for example).
I am trying to understand this, but the reality doesn't work like I think
you are saying it should. If I have the following in my virus.cfg file:
BANEXT EZIP
Note that BANEXT EZIP is the original quickly-implemented format that may
have problems.
with or without:
BANZIPEXTS ON
BANEZIPEXTS
I am also seeing the issue below. The files that are being left in the
directories are named like this
0.zip (or)
1.zip
There is a new interim release 1.78i8 at http://www.declude.com/interim
that should take care of this issue.
-Scott
---
We now have a new interim release 1.78i8 of Declude Virus Pro at
http://www.declude.com/interim that will look for invalid .bat, .com, .pif,
and .scr files, and will treat them as vulnerabilities. It is expected
that this will cut down significantly on the impact of future viruses in
the time
Okay, so if I want to continue to ban any zip file that is encrypted,
whether I have defined the extension to be band or not, I should continue to
use BANEXT EZIP, correct?
That is correct.
-Scott
---
Declude JunkMail: The advanced anti-spam
Does BANEXT ZIP cover BANEXT EZIP?
BANEXT ZIP will ban all .ZIP files, regardless of what files or encryption
may be used.
BANEXT EZIP is a temporary measure that blocks .ZIP files where the first
file in encrypted.
-Scott
---
Declude
If we are already blocking those extensions, how would that help?
If you are already blocking .bat, .com, .pif, and .scr files, the new
interim release won't help.
However, if you are not blocking all those files (most of our customers are
not), it will help.
It can also be used if you want
I switched from i5 to i8 6 hours ago. Until now I can see two empty vir
directories. Before I've had one undeleted vir directory per month. (5000 to
7000 msgs / day)
What is in those files?
Have you checked the Declude Virus log file to see the log file entries for
those E-mails?
None are catching this. I just updated all the AV definitions and emialed
me the same virus that arrived this morning..
This new one -- (Dear user of your_domain.com e-mail server gateway...)
likely is not going to get caught by any virus scanners. The only
information that an AV program has
I also forwarded the original message to your email addresswith .zip
attached.
No, no, NO.
NEVER send a virus or any file that you think may be malicious to ANY
E-mail address that is not expecting it.
We have one and only one E-mail address that viruses or suspicious files
may be sent to
Running McAfee WebShield 4.5 MR1a on a mailrelay before my mailserver
(with Declude)
with with Scan engine version 4.3.20 DAT version 4.3.4332 and it's
detecting W32/[EMAIL PROTECTED]
Is it detecting the one with Dear user of your_domain.com e-mail server
gateway... (or similar text)? Is it
At one point, only Declude Virus Pro included this new functionality of
detecting virii in encoded zip files. Is that still the case?
Actually, Declude Virus never had the ability to detect viruses in encoded
.ZIP files (unless the AV program used with it could).
The new feature (BANEXT EZIP)
03/03/2004 10:19:17 Qa313025b008ed2a1 Invalid COM Vulnerability
03/03/2004 10:19:17 Qa313025b008ed2a1 File(s) are INFECTED [:
W32/[EMAIL PROTECTED]: 3]
does this mean that the COM Vulnerability and the virus was discovered?
Correct. v1.78i9 fixes this, so that the Invalid COM Vulnerability
Confirmed. I commented out
# BANEZIPEXTSON
I left in:
BANEXT EZIP
And resent myself the virus and it was blocked.
Good catch. :)
I'll be investigating this to see why that is happening.
-Scott
---
Declude JunkMail: The advanced
Currently does the BANEXT EZIP and BANEZIPEXTS ON commands block the mail
based on the file extension and not scan the email with the configured virus
scanner (See snippet #1 below) i.e. the virus scanner is not called or
doesn't appear to be?
The virus scanner will be called with the latest
Might this be the issue with other folks reporting this problem?
Quite possibly, yes, but that's why I keep saying that people need to read
the information carefully before posting that it doesn't work. :)
-Scott
---
Declude JunkMail: The
I've been using
BANEXT .com
I am seeing on this list that is wrong, and the *dot* should be
removed...correct?
Correct. It must be BANEXT com.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Is it detecting them in an encrypted file? It may be that the virus is
spreading in non-encrypted .ZIP
files as well.
An email from [EMAIL PROTECTED], addressed to [EMAIL PROTECTED] ,
with subject E-mail account disabling warning. was infected with the virus
W32/[EMAIL PROTECTED] in
Today I received a banned attachment message and the extension name was
blank:
message snippet
You have sent an attachment with the . extension.
/message snippet
Why is the variable not being set? How can I tell what is going on with
this message?
If you look at the D*.SMD file that was caught,
Scott - you may shoot me for suggesting this, especially if it has been
suggested before. I am not a programmer so I suggest this not knowing how
difficult it may be, but if both Virus and Junkmail use the declude.exe is
it possible to have things like BANEZIP be defined as a test in the global
I just received a notification message that said:
quote
The mail server for continentaloffice.com does not accept E-mail with
attachments that contain the extension.
/quote
quote
--pbgivjxdscnisewbjysa
Content-Type: application/octet-stream; name=Readme.zip
Content-Transfer-Encoding:
Good morning. Here's a new twist.
I got one this morning that read:
The mail server for continentaloffice.com does not accept E-mail with
attachments that contain the readme.zip extension.
That's how the new change works to prevent it from saying ... contain the
. extension, until a better
the minimum that would be practicaly usable for us :
1- Notifications based on banned extension: ONLYSENDIFEXT, SKIPIFEXT
This we hope to add.
2-BANEZIPEXT2 independant from banext, as in
BANEZIPEXT2 exe
BANEZIPEXT2 com
BANEXT scr
BANEZIPEXT ON
This we will likely be adding.
3-
By detecting the file type instead of just the extension, and allowing
configurable actions based on detected filetype, we could avoid future
viruses that ask the user to rename the file upon receipt.
But, that prevents people from doing the same for good purposes, too. So
you can no longer say
I was trying to test the latest interim and when I tried to send myself a
copy of the virus, NAV outbound scanning caught it even though it was
passworded. I tried to unzip it to make sure and it does require a password.
I didn't think they could detect it like that...
Is this a NAV E-mail
Plain old NAV 2003 on my Win XP workstation that scans e-mail - sorry for
not being specific. BUT the weird thing is there was no e-mail with a PW.
I had saved the file from one that had gotten through and attached it to a
e-mail with the only the word test in the body of the e-mail. I don't
No such thing as BANEXT EZIP??
I believe he meant There is no such thing as BANEZIP ON (because there
isn't one of those). But Don re-posted the summary that I had sent out
last week, which has all the details in it.
-Scott
---
Declude
Yes, Swen forges.
FWIW, we haven't yet seen a single copy of Swen that forges.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Catches known viruses and is the leader in mailserver
I'm not seeing both a From and a Mail from listed in the headers that
come back from Declude.
So, it must be in some detail that not in %headers%.
I take it that Declude will send it to the Mail from. Looks like I'll be
testing with Swen Not forging.
You'll see the return address in the
We have Imail 8.05, declude standard v1.75 and recently we have got mcafee
virus scan8. In combination with declude and virus scan 8 on demand scanning
is working fine. We have more than 20,000 users in single domain. In mcafee
virus scan 8 (Active shield) we don't have option to exclude users
I have one more doubt, we have mcafee virus scan8 and Norton anti virus
corporate edition 7.6 also. Can we install both on mail server, is it
recommended to install two AV scanners on the server?
If so then I will disable active shield in mcafee and will use it for
declude as on-demand scanner,
Using the test virus sender on your website, the eicar plain file gets
caught as a virus, where the eicar in a .zip file gets caught as a banned
extension.
That's because:
03/10/2004 08:42:40 Q295c000501aa26d2 Banning .ZIP file with encrypted COM
extension.
It's not a standard .ZIP file, it is
Are the settings for ClamAV in the Declude Virus Manual complete?
Yes, but:
SCANFILE
C:\clamav-devel\bin\clamscan.exe --quiet --log-verbose --no-summary -l
report.txt
VIRUSCODE 1
I would have thought there would be a REPORT line.
There isn't. The problem is that ClamAV doesn't report the virus
There isn't. The problem is that ClamAV doesn't report the virus name in
the standard format. We are, however, looking into finding a way
around this.
There's a standard format? Can I get a copy of the standard? ClamAV is
open source so it might be easier to submit a fix to the source than
I just had a email slip by my IMail server to my PC with the Inor.D in a
.zip (with a .exe inside)
Both are running latest .C version of F-Prot.
What could I have in my virus.cfg that allowed this? I still have the
.zip if anyone wants it.
The first question is why it was not caught by
I saw some talk in the archives about this but since the virus writers have
forced a tighter file banning policys because of zip files are there any
plans to add support for more granular control over banned files on a per
user basis?
We are investigating the idea. It would likely require quite
I'm running F-Prot, McAfee, and AVG. Only McAfee is picking this up. Has
anyone else noticed this as well?
Declude Virus v1.78i25 caught the the W32/Bagle.gen!pwdzip virus in Info.zip
According to McAfee's website, that's Bagle.K (although I don't know why
they don't simply identify it as
Sorry, I know I ve brought this up before but I m befuddled as to how plan
old Norton Antivirus 2003 on my XP desktop using outlook 2002 can pick up
this virus within a passworded file without the password.
Most likely, it was acting the way that anti-spam software does -- it
detected
Scott, I am see a bunch on the following type entries in my virus logs:
Found potentially dangerous stuff in
M:\IMail\spool\Dc62d3de40042810d.vir\0.!
I see that these messages do get held, but rather get delivered. However,
Declude is holding viruses. Is this something I should be concerned
We do already have some support for that in Declude Virus Pro. But, the
problem is that it often isn't possible to tell what the file type is
without the extension. In this case, it would be very difficult to
distinguish a .js file from a .txt file, for example.
There is another problem,
We have been running the latest interims for a couple of weeks (since
the EZIP stuff came out). We are seeing the following error in the
virus logs:
03/18/2004 07:25:33 Qa32252df006a099c Could not find parse string
Infection: in report.txt
03/18/2004 07:25:33 Qa32252df006a099c Error 8 in virus
Does the SKIPIFFORGING include the Vulnerabilities?
Yes, it does.
I was just looking into why I was not receiving Vulnerability
notifications and it appears the
SKIPIFFORGING is stopping these from being sent. As an administrator, I
would like to receive those in case it might be a legit
03/18/2004 11:20:01 Qcc24005d0536a2e6 Error 128 in virus scanner 1.
03/18/2004 11:21:09 Qcc661aa8032aa581 Error 128 in virus scanner 1.
F-Prot doesn't define an exit code of 128 -- I would recommend reinstalling
F-Prot and/or moving to the latest version of F-Prot.
We have this in vulnerability notifications:
SKIPIFVIRUSNAMEDOESNOTHAVE Vulnerability
Will this work ?
Yes, that will work. Those E-mails will only get sent out if a
vulnerability is detected.
-Scott
---
Declude JunkMail: The advanced
I mean will these notifications still get sent for these new beasts
Since these new viruses will be detected and handled the same way as
vulnerabilities, the SKIPIFVIRUSNAMEDOESNOTHAVE Vulnerability line will
work fine (handling these the same way as any other vulnerability).
I to am recording an error:
Could not find parse string Infection: in report.txt
That is normal, if the virus scanner does not detect a virus (but instead
reports a vulnerability).
-Scott
---
Declude JunkMail: The advanced anti-spam solution
what is the vulnaribilité type these new virus/vuln will show in the
virusname variable?
OBJECT CODE Vulnerability
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Ultra reliable
Scott, your thoughts?
From what I have seen, AV heuristics just don't do a good enough job to be
useful. Specifically, they seem to catch legitimate E-mails regularly
(typically .doc/.xls files). However, depending on your needs, it may be
worthwhile to use the heuristics, if the occasional
Anyone else having problems with CPU at 100% after updating to Declude
1.78i27 and the f-prot 3.14e?
I have reverted back to previous versions of both products and still no let
up on CPU; spool directory just keeps climbing...
If you go to the Task Manager, click on the Processes tab, and click
How about putting the interim release number on the interim release page?
That is something that we have considered, but we will likely not be doing
(due to the extra work involved).
Or when you do announce interim releases to the list including the interim
release number. That way everyone
I have a customer that is insisting I let .zip files through (I have them
banned right now).
Is there any way to allow email to a single address to go through? If I do
a whitelist entry for this one email address in the global.cfg, will that
work?
You could disable virus scanning for that one
You could disable virus scanning for that one customer (if you are using
Declude Virus Pro). But it is not possible to set the banned file
extensions or vulnerability detect on a per-user or per-domain basis.
I have the pro version
syntax please
You can add a line [EMAIL PROTECTED]OFF
I would now need to go back and try to figure out exactly what settings I
need to stop the bad stuff and allow the good stuff.
FYI, the latest advice is:
[1] Run the latest interim of Declude Virus (1.78i27 or later), and
[2] Block all encrypted .ZIP files by adding a line BANEXT EZIP to the
I was wondering what if any notification are sent out when this is
caught. Is there anything needed to be changed in the global or virus.cfg
files? I downloaded and installed the latest interim release.
These are treated exactly the same as all other vulnerabilities. You do
not need
What are the recommended settings for 3.14e?
We haven't yet changed our recommended settings for F-Prot. We just don't
have enough information yet -- we don't know what kind of false positives
may result from any changes.
-Scott
---
Declude
I would love to find a way to give Scott Co. the way to automatically
force my installation to upgrade to the next interim release, if important.
That is a good idea. There is a third party program that can automatically
upgrade to new betas and released versions, but it doesn't handle
Second question about interim releases: is there documentation? How do I
know how to invoke the newest features, changes to the various config files,
etc?
http://www.declude.com/interim should cover this.
There is (by design) no documentation. If you do not already know how to
make the
Can anyone tell me what this means. I included the later lines as well.
03/19/2004 03:01:17 Qa8cb020101122357 Could not find parse string Infection:
in report.txt
That means that F-Prot detected a suspicious file, but not a virus. When
it does that, it can't know the virus name, so it cannot
Yes, it is v1.78i27 and yes the zip file had 0 bytes and nothing in the zip
file. Should I be alarmed?
No, you should not be alarmed. If it is a 0-byte file, it can't contain a
virus. In this case, it was not an encrypted .ZIP file, so it was not blocked.
Has there been a conclusion as to what the command line should be for
fpcmd.exe?
Our recommended settings are the same as before, as they should catch any
known virus. Unless we have reason to believe that some of the new options
have a good chance of catching new viruses *and* that they are
Was wondering if there is anyway to test and make sure Declude is
catching this?
There isn't a way yet, but we plan to add one to the Test Virus Sender at
http://www.declude.com/tools .
-Scott
---
Declude JunkMail: The advanced
I'm running Declude 1.78i27
I'm running FProt 3.14e
I just had a customer send me an email that they received that was
questionable, and Norton on my desktop caught it as [EMAIL PROTECTED] -- which
has been out for a couple of weeks.
Since this is an encrypted EXE inside of a zip file, it
Was wondering if there is anyway to test and make sure Declude is
catching this?
There is now a test file at the Test Virus Sender at
http://www.declude.com/tools that will test this vulnerability.
-Scott
---
Declude JunkMail: The
Could you add few more options to the test virus files? As someone pointed
out we would probably not block normal files within a ZIP but block
exe/etc files within a normal zip and all zips with encrypted files. I could
not find this option in the test virus menu yet.
The problem is that we only
I tested the Declude OBJECT DATA Vulnerability send and the email didn't
come thru but it wasn't reported as a virus. Is this a known issue with
this test?
Are you running the latest interim?
-Scott
---
Declude JunkMail: The advanced
03/24/2004 11:02:31 Qb110d53600d64d81 Scanned: Virus Free
If there is nothing after the Virus Free, that would indicate that there
weren't any actual attachments.
Most likely, the bounce message included something like Original message
follows:, followed by the original message. In this case,
801 - 900 of 1188 matches
Mail list logo