Re: [Declude.Virus] Goodbye
> Goodbye to all of you, I'm leaving the company and I don't think > I'll get in touch with declude again. > Thanks for all the help in the past years! See ya, dude! --Sandy --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Declude Virus inoperable for 13% of th year?
> Again to combat this we just need additional developer/s so that we > can dedicate one to maintenance and the other/s to innovation. So you have a single developer who is working full-time on the product, and the maintenance of the product takes an entire person-day? Like on every given day, you spend the whole day making sure the existing feature set works with the then-current version of IMail and SmarterMail? Dunno, man, I think some of Andy's comments about the rate of development of new features sound more plausible. Uncomfortable though it is to point fingers at other developers, the bottom line is that you seem like *less* than a one-man-show. And even a part-time-one-man-show setup might be perfectly fine! But the obvious presence of other management "players" that make it seem a lot less pure. I would guess that a lot of us knowingly put our faith in one-man-shows (I will proudly come out as a user of CrushFTP, which is blatantly supported by one guy, Ben -- but he throws his life into it as Scott once did, for better or worse), because we want people to have that same faith in our small companies. But everything needs to be up front. > Yes that community was (and what is left) is extremely helpful and useful. I can speak as someone who very lightly supports Declude at one distant customer at this point (like, an hour per 6 months), but who once was very active here. Once Declude decided it was going to go "big-time" without building a GUI configurator, I knew this wouldn't work. It is that very strange class of Windows-based product that is/was loved by the most technical fringe of the Windows/SMTP community for its flexibility, though it sometimes seemed to have opacity just short of Sendmail macros! But once you stop building features, knowing the secret world isn't fun anymore. There were just so many misapprehensions about the promise of the product at the point that you went corporate that I felt it was all downhill. An ex-partner of mine once whined, "Why can't *we* be a giant software company?" "Because," I said, "there are two of us working [then] on a product to sell to maybe 200 people." > time. But if I should speak for myself. I realize I can't make everyone > happy its part of my job. Here is a case in point, let's use this scenario. > 1. AVG fails > 2.IMail release version 11 which is incompatible with Declude This is an incomplete scenario by a long shot. How many person-hours must be committed for each fix? Do you find out about IMail incompatibility in a pre-release beta version, before anyone can reasonably squawk about 0day incompatibility? > If I choose to fix AVG first - IMail users scream If you found about a non-working antivirus _in production_, but non-working IMail _in beta_, there is no choice! Also, it would appear that non-working AV is not only more urgent in its own right, but would affect ALL users -- so this is really bad example for your viewpoint. > The only thing that would change this current situation is revenues which > means price increase. (Maybe it is time?) Maybe it is time to [a] dissolve the company as is [b] sell the product to a developer [c] (re)package it as an owner-maintained, purpose-built software tool [d] build up from there as needed I would hope there is enough revenue to keep a single developer supported at an industry-standard income + do some marketing. I mean, not every product is meant to beat the world financially. Some products just are destined to lead technically. --Sandy --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] WAY OT: PowerBuilder position open
Hey all, I know we all do lots of strange things outside of messaging, we're (at least partially) Windows guys, and the gurus here are as real as they come on any app or OS. So I wondered if anyone is -- or knows someone who might be -- interested in a full-time position as a senior PowerBuilder developer. The position is with one of our clients, a midtown NYC financial firm; SQL knowledge is also a prerequisite, but IME most PB people know Sybase, so I would expect that to not be a hiccup. Me, I happen to respect PB a ton based on what this client has been able to do with it over the years, but I don't use it. Interviews would be straight with the employer, naturally. Some relocation costs might be covered, not sure. Write back to me directly if you have anything to share! Thanks, Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.Virus] WAY OT: PowerBuilder position open
Hey all, I know we all do lots of strange things outside of messaging, we're (at least partially) Windows guys, and the gurus here are as real as they come on any app or OS. So I wondered if anyone is -- or knows someone who might be -- interested in a full-time position as a senior PowerBuilder developer. The position is with one of our clients, a midtown NYC financial firm; SQL knowledge is also a prerequisite, but IME most PB people know Sybase, so I would expect that to not be a hiccup. Me, I happen to respect PB a ton based on what this client has been able to do with it over the years, but I don't use it. Interviews would be straight with the employer, naturally. Some relocation costs might be covered, not sure. Write back to me directly if you have anything to share! Thanks, Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[4]: [Declude.Virus] Running declude 4.x
> P.S. This time, I clipped out the Org setting completely. Yeah, uh, _this_ time. . . . :) Last test. I'd never use the list for tests, normally, but this time it's the list that has the prob (that is, I'm not running 3+) --Sandy --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus]
Organization:Cypress Integrated Systems, Inc. X-Priority: 3 (Normal) Message-ID: <[EMAIL PROTECTED]> To: Kevin Bilbee Subject: Re[3]: [Declude.Virus] Running declude 4.x In-Reply-To: <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Never mind, the headers did not change with that last attempt. I'd noted that The Bat! was leaving out the space between the Organization: header and my company name, so I prepended a space to the setting within the GUI to try to get around this. The source of the outgoing message remained the same, though. Seems 'Bat is intent on mucking up that header, even stripping off leading spaces to make that happen! This is def'ly a bug in 'Bat, but I think Declude's reaction -- if it's indeed reacting to this bug -- is extreme. Gotta degrade a little more gracefully, I think. My v3.65.03 is the latest 'Bat, so RITLabs has gotta get on the ball with this one, too. --Sandy P.S. This time, I clipped out the Org setting completely. Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus]
Organization:Cypress Integrated Systems, Inc. X-Priority: 3 (Normal) Message-ID: <[EMAIL PROTECTED]> To: Bill Green dfn Systems Subject: Re[2]: [Declude.Virus] ClamAV Footer ... In-Reply-To: <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit > Sandy is Sanford Whiteman. He is a regular, knowlegeable, and very > appreciated contributor to this list. Hey, thanks, man! That's nice of you to say. The download location for FOOTER32 is www.imprimia.com/products/software/freeutils/footer32/download/release As Matt noted, it's true that there's no space for dynamic content per se. _Periodically_ updated content like the virus signatures could be written out pretty easily to the .TXT files that FOOTER32 uses as input; you could either have this triggered when an update comes in, maybe by parsing a notification e-mail that you get for every update or something like that. . . or, even easier, by running a batch file every hour or so that checks the signature date/version and writes this out to new .TXT files. However, _totally_ dynamic content like the incoming timestamp of each message could not be accomplished. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Scanner Parameters
> Thanks as always. Do you happen to have the correct content for the > REPORT entry? Good question. I _think_ you want REPORT - With two spaces after the keyword REPORT. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Scanner Parameters
> Does anyone know the values to use for these in order to get a virus > name reported. NOD32: /logrewrite /log+ /log= --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] SPAMC32 (SpamAssassin SPAMC for Declude) 0.5.58 released
> SA-1 external nonzero -y -lt (1) -ht 0 -e -f" -1 0 If you're using a 'nonzero' test definition, don't use '-e'. You want SPAMC32 to return just 0 (ham) or 1 (spam), depending on the local thresholds. Using -e with negatives is what got you into trouble in the first place. :) --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] ANN: SPAMC32 (SpamAssassin SPAMC for Declude) 0.5.58 released
-- SPAMC32 Release 0.5.58 1/10/2006 * Release notes for this version: [ + Added feature] [ * Improved/changed feature ] [ - Bug fix ] [ ^ Cosmetic/naming change ] [+] Added support for negative values to '-lt' and '-ht' switches, which control client-side spam thresholds. This was necessary because Declude does not appear to properly detect negative return codes, although SPAMC32 can return them. A workaround is to use negative client thresholds, such as SPAMASSASSIN external nonzero "c:\imail\declude\spamc32.exe -lt (20) -ht 0 -f" 0 This test definition will set SPAMC32 to return code 1 to Declude if the SPAMD result is between -20 and 0. NOTE: because of the way SPAMC32 parses the command line, it is necessary to express negative values in the 'spreadsheet' style that encloses them in parentheses and does not use the minus sign, i.e. (20) instead of -20 The negative value will NOT work as expected if you use the minus sign. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] AVG
> The licensing is the one bugger about Symantec. I hadn't gone with > F-Prot for my real-time scanner because you cannot configure exclude > directories (what a pain!). That is pretty cool though about the > on-change scanning option with Symantec. I'll have to weigh the > options to see which direction I want to go in. I really appreciate > your input (your too, Scott). I recommend NOD32 for memory-resident scanning (and for command-line scanning too, for that matter). 15 server licenses can be had for $500 with a 1-year subscription, and its speed and accuracy are very competitive. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] ANN: 5xxSink 0.5.01 update, IIS SMTP text-file recipient validator now supports 'nobody' wildcard domains
-- 5XXSINK Release 0.5.01 12/12/2005 * Release notes for this version: [ + Added feature] [ * Improved/changed feature ] [ - Bug fix ] [ ^ Cosmetic/naming change ] [+] Added new feature, RHS PRESCANNING, to help with processing of large recipient lists under certain circumstances. The prescan.txt file, if it exists, is scanned before the rcptlist.txt. If a match is found, processing continues in rcptlist.txt. If no match, 550 is returned immediately. If no prescan.txt is found, the feature is not enabled. The intent of prescan.txt is that it can be a global repository for allowed RHS (right-hand-side, i.e. domain) strings. You list all of your domains in prescan.txt as follows: @example.com @example.net etc. When messages are processed, they are FIRST matched against this list. This allows you to cut down the initial scan for recipients at _unknown_ domains substantially; for example, if you have 100 hosted domains with 100 users each, and you are the erroneous victim of a directory harvesting attack against a domain you DO NOT host, rejections with prescan.txt in place will take 1% of the time they if the entire rcptlist.txt were scanned! However, be somewhat careful: scanning prescan.txt does add its own overhead. If you are not concerned about such pure-DoS attacks, you will end up lengthening the lookup time for each recipient, though likely the effect would be negligible. NOTE #1: if prescan.txt is enabled, users _must_ have their domain listed in prescan.txt AND their username in rcptlist.txt (or, if they are in a wildcard domain, they must have that domain listed in prescan.txt _and_ in rcptlist.txt). NOTE #2: RHS prescanning is not the same as domain wildcards. Do not be confused. See below. [*] Official support for DOMAIN WILDCARDS. This support in fact existed previously, but I was determined to discourage people from using it, since I'm such an opponent of 'nobody' setups. Well, a few people wrote to me and changed my mind. Anyway, when you enter wildcards, you do not use the asterisk (*) character. You simply enter domain names like so: @example.com [EMAIL PROTECTED] @example.net [EMAIL PROTECTED] You may as well put your domain wildcards at the top of your list, so they get processed first. You're going to need all the help you can get processing the backscatter. . . . --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] ANN: Availability of 5xxSink 0.5.00, IIS SMTP event sink for text-file recipient validation
All, I've posted 5XXSINK, an IIS SMTP event sink (freeware) that allows you to block unknown recipients at your IIS 5.0 or 6.0 MX by populating a barebones textfile. Those who use the powerful IIS SMTP engine as an MX have no built-in method of preventing brute-force spam runs from overwhelming their internal content scanning and mailbox servers with wasted message processing and double-bounce generation. Several commercial anti-abuse products can add this functionality, but they can add undue cost to a large server farm, and seem like overkill when a well-tuned content scanning engine (IMail's, Declude's, etc.) already exists internally, save for the fact that it sees messages that should never get that far. While it is debatable whether having envelope recipient validation at your MXs will reduce the number of spammers making initial connections to you, it cannot be denied that having such validation will save your hardware and bandwidth resources beyond the first part of the SMTP conversation. Recipient validation at the MX can make the difference between a workable anti-spam content scanner and one that fails because it's overwhelmed by messages it should never see. 5XXSINK is designed to do one thing, do it well, and do it for free: to look up full e-mail addresses in a locally stored text file and reject all RCPT TO commands that do match a line in the file. That's it. 5XXSINK is NOT designed to do any of the following: connection throttling, tarpitting, greylisting, sender validation, HELO interpretation, or DNSBL lookups. It expects that a robust content scanning solution exists behind, or perhaps on, the IIS SMTP server (although commercial IIS SMTP integrations solutions usually duplicate 5XXSINK's recipient validation functionality -- and then some). Again, the sole function is to keep messages that absolutely, positively do not need to be scanned out of the scanning path. There are no false positives with recipient validation, so it's an obvious first step in an anti-abuse chain. 5XXSINK is multithreaded and likely performs its very particular function as fast as practically possible. * * * Download: http://www.imprimia.com/products/software/freeutils/5xxsink/download/release Be sure to go over the README in-depth. That's where it's at. Support: Through the IMail and Declude support lists, as the communities primarily served by the product. Please post support questions as [OT] to create a public archive and to encourage knowledge sharing. --Sandy --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Declude virus notification
> So the implication is that Declude knows about this and it will be > fixed in the next release, whenever that may be. Hmm. . . I'd like something along more explicit lines, like a post from development. Is't possible? Again staying just shy of a rant, as in my recent post to the Junkmail list on the same topic, but this is exactly the kind of reason that I'm not touching 3.0, and perhaps never will. A primary reason to use DV/EVA over other products (selective notification) is broken, and it's only fixed in a secret pre-release version? Ugh. Tell me less! --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Another Sober out. (=> idea)
> It's only a question of time that AV-engines will run a virtual PC > sandbox and let start inside the suspicious file. If certain actions > are taken like outgoing smtp-connections, registry-changes, changes > in the %windir% directory structure it's very suspicous. Not sure that I agree that the in-line scanning sandbox is so feasible. It's been spoken of in various forms for about a decade now, but hasn't reached the mainstream. I think the real-world feasibility problem is understandable, when, for example, you're talking about files like MSIs, installer EXEs, etc. Outgoing connections, registry changes, and system area changes are not only not suspicious with legit files of these types, they actually define their _normal_ behavior. Certainly, the big virus response centers run things through sandboxes over longish periods of time to catch their signatures. But letting something run for a day as a simulation is not going to fly for mail scanning, y'know? > First of all in my opinion it should be replicable across multiple > servers in order to avoid failures due to overload and DDOS-attacks. That would certainly be the case with any DNS-based database, but. . . > Adding additional file properties like file size and CRC checksums > is a good idea. Who has the knowledge to set up such a > DNS-structure? . . . rather than starting from scratch, I'd first look closely at the development of prior concepts like Pyzor, Razor, and DCC. None of these well-accepted distributed-digest networks use straight DNS, though I'm not exactly sure of the reason(s). One may be the extended "write" command set that they support for message submission, which might be easier to implement using DNS now than it was in the past, since DDNS is in wide use. Another reason is likely the need for a security wrapper. And another reason is the maximum request size they support. Then again, your idea -- and I like it a lot -- may not require a read/write protocol, and may be totally public. If only used for public lookups, DNS may prove to be usable. I think we should also think about extending SMTP as a transport as well, since it's more flexible and has an existing command set that's easy to use for pass/fail/tempfail + verbose result string. Of course, seeding the server side of an SMTP-based solution would be significantly different from seeding a DNS-based solution. Doesn't have to be too hard, though. . . you can use an envelope (streaming) content filter (as offered by many MTAs, though not by IMail) to serve this up to the world, setting up the message digests as if they were keywords. Full disclosure: I'm already doing this for various experimental purposes, and am excited by it. True, though, it does not natively support a replication protocol. > Who can develope an external test who is able to extract all > attached file names (full Mime-type support needed or based on the > temporary directory created by declude.virus? My feeling is that using Virus' built-in MIME decoding is a better move, since it's been tuned for irregular encodings for quite a while. If you discover bugs in it (like Matt has), the fact that you're truly relying on it for virus protection should help get them fixed, whereas if you use a third-party library (let alone trying to build and test your own library), you can't make feature requests directly to Declude. I think anything that doesn't satisfy in Virus (EVA) should be brought immediately to the developer. > Should it be an external test for d.junkmail in order to have much > more possibilities or should it act like an av-scan engine with > simple result codes and a report-file that is able to give the > feedback as virusname like "file ... is a possible virus" While I would admit that building as a Junkmail test would be more flexible, I think that duplicating Virus' MIME work is a bad move. Better that we continue pressure to get Junkmail full MIME capability, which has been a long time coming. Eventually, I'd hope that the two products merge, like all the other framework/aggregator products out there (I don't know of any other mail security products that attempt to segregate the "types" of external executables you can shell to. . . it doesn't really make a lot of sense). --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] how is Declude 3.x?
>What are you running? 2.06 with IMail 8.15? >We're still running IMail 8.05 and 1.82 currently. Those are the exact combos we're running, a couple of each with JM+Virus. And I believe there's one Imail 7.15/Declude 1.82 machine running just Virus. --Sandy -- -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. mailto:[EMAIL PROTECTED] -- --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] how is Declude 3.x?
> 3.0.5y.20 on Imail running fine here. I think it would be helpful if 3.0.x adopters could mention IMail/SmarterMail version, Windows OS version, msgs/day, and which (publicly available) external tests they're running. I honestly thought, after the rash of buggy releases and seemingly insufficent internal testing, that I would not deploy 3.0.x for several months, if ever. I'm sure I'm not alone. --Sandy -- ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. mailto:[EMAIL PROTECTED] -- --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] ANN: Availability of footer32 0.5.55, Declude add-in to add footers to text and html message bodies
All, I've posted FOOTER32, a Declude Junkmail add-in that can add footers to both text/plain and text/html MIME parts. Development was triggered by an IMail user's request to add legal disclaimers to all outgoing messages (currently impossible with vanilla IMail/Declude), but the tool can certainly be used to add footers for other purposes. Installation is simple: FOOTER32 is a Declude external test with (typically) a weight of 0. Configuration is by means of a few basic command-line switches: - Like our SPAMC32, FOOTER32 offers the option to have a skip-if weight (-sw switch) so that it will not be run if the message has already achieved a predefined weight (if the message is going to be quarantined or deleted, there may be no reason to add a footer). - Maximum message size (-a) for rare occasions when processing power is very limited and you don't want to parse out and rewrite very large messages. This will certainly not be workable for legal disclaimers, but could be for other uses. - Footer file (-yf) allows you to specify the text file that contains your footer text. Different hosts can have different footers, or none at all, by passing the Declude %LOCALHOST% variable on the command line. - No-footer file (-nf) allows you to specify the signal file (can be a 0-byte file) that will turn off a disclaimer for selected hosts. This is helpful if you are using a single shared footer file for all hosts except a chosen few. - Outgoing-only (-oo) only adds footers to outgoing messages, using the Declude %INOROUT% variable. Operation is by means of simple insertion within MIME assembly: - Text body parts have the contents of the footer file appended verbatim. - HTML body parts have the contents of the footer file appended in a fixed-width font, with HTML entity codes substituted for carriage-return and space characters. This allows for full-justified footer.txt files to be appended in a businesslike, neutral format. There are currently no plans to change this behavior -- FOOTER32 is designed to adapt plain-text footers to plain-*looking* HTML footers, not to provide a design platform for fancy signatures! The download URL is: http://www.imprimia.com/products/software/freeutils/footer32/download/release/ Notes: - Support and feature requests will be through the Declude Junkmail list. - The usual disclaimers about modifying message bodies in transit apply (PGP, iCal, etc.). - Badly malformed MIME messages will cause the tool to exit harmlessly, but without adding the footer. You can forward unaltered messages to me, and I'll see what I can do, but that can be a can of worms: this isn't a security application, so working around non-standard mailers was far from a priority. The main goals here were (1) to reliably add footers to rich-text messages created by RFC-compliant mailers, (2) to show "good faith" in attempting modifications to broken messages, and (3) and to degrade gracefully if unsuccessful. Enjoy! --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] BitDefender updates
> Since it appears that the free version of BitDefender works with Declude, > how do you go about doing updates, as it appears there is no auto update for > the free version. There's a nice auto-updater in MY free version. :) Maybe you have the wrong download. . . . --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] excahnge2aliases
> A search of the archives is difficult as any search for > exchange2aliases brings up all of Sandy's posts, which are prolific. You know, that's a really good point. "Search without sigs" would be a good feature. Try these threads: http://www.mail-archive.com/imail_forum@list.ipswitch.com/msg85346.html http://www.mail-archive.com/imail_forum@list.ipswitch.com/msg98170.html It's not that I don't want to help, but I want to make sure any existing info is. . . reinvested. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] F-Prot Alternative
> We have been running F-prot as the virus scanner with Declude for > over a year but lately it seems to have more and more bugs in it. > What do others recommend as low-cost scanners to work with declude? I've been finding BitDefender to have a very reliable auto-updater, which is obviously not the case with F-Prot, and its catch rate is slightly better. Using Bill Landry's virus.cfg hints, I recently switched all of our managed boxes to at least BitDefender (BitDefender + F-Prot if running Pro). However, BDC.EXE is very CPU-hungry -- I won't deny it. I have the luxury of multiproc boxes, lots of links in the SMTP chain, etc. If you're running everything on a single box, or have endangered resources, be careful. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Warning for Imail 8.2 updaters when using external datase (mysql)
> For all the others who also use Imail in combination with mysql for > the user accounts. . . You should let the DigiPoss guys know about this, if you haven't already. The change to the DLL shouldn't be tough on their end (given the new source), but they will def'ly have to reimplement. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Virtual domains
> Does declude AV protect virtual domains? Of course. FTR, _all_ IMail domains are "virtual" in the product jargon. There are IP-ful and IP-less virtuals. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] hlp attachments
> Any one have information on a virus that uses that? New MS hotfixes from the last two days--one covers a vulnerability in WinHelp. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] ANN: SPAMC32 (SpamAssassin SPAMC for Declude) 0.5.56 released
> How does it do that or was this intended for the Declude JunkMail > list not the Virus list Declude Junkmail. The announcement was cross-posted for those that are users of the Declude core product. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] ANN: SPAMC32 (SpamAssassin SPAMC for Declude) 0.5.56 released
All, SPAMC32 has been updated to more easily function as a Declude 'weight' test type in addition to the default 'nonzero' type and the other command-line threshold options. See the release notes below and download from the traditional /release folder. --Sandy -- SPAMC32 Release 0.5.56 11/1/2004 * Release notes for this version: [ + Added feature] [ * Improved/changed feature ] [ - Bug fix ] [ ^ Cosmetic/naming change ] [+] Added switch '-e' to allow more granular management of SPAMD weights from a calling application. With -e enabled, SPAMC32 sets its exit code to the rounded weight received from SPAMD, regardless of client- or server- based spam thresholds. -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Scott, what is our future?
> So what do you do when the next IMail exploit pops up such as that > LDAP exploit and you have no way to fix the bug? Can a serious > business even take the risk of this happening? There's no evidence to suggest that security-related patches will not be made available for old versions, as evidenced repeatedly in the pattern of moves from 5-6, 6-7, and 7-8. The particular exploit you mentioned is in a component of IMail that is now open-source, and so by definition can always be patched. Furthermore, using IMail simply as a wrapper for Declude gives you only one possible attack vector (SMTPD) in a module which essentially hasn't changed in several years (SMTPD retains its old, non-multithreaded code, despite QUEUEMGR's improvements on the delivery side). Such patterns may change, but telling our IMail clients that we're choosing them a new product _now_ would be an admittance of a sheer lack of control. I'd prefer that the development of, for example, a new Declude MTA or preferred MTA integration not be paced by user panic. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Scott, what is our future?
> What is everyone talking about here, is Imail prohibiting add on's > such as declude in future versions No. > is declude launching a new version for another platform? It is, as ever, hoped-for but not confirmed. > The panic level just went up with those last few emails. It sure did, and despite Ipswitch's scurrilous tactics, I'm not sure exactly why so many people are panicking, declaring that they (the sysadmins) are "outta here" and running out to find another MTA. If you're running 8.1x or 7.1x and are satisfied with its performance as the "wrapper" for great add-ons such as Declude (and in turn for Sniffer, etc.), then why all the make-work? Sure, it's never good to be faced with the knowledge that your relationship with a given vendor will be over when you _do_ want more features, but the argument for this overnight or near-term migration only makes sense if you have a current, spec'd out need for a new feature that (a) is in ICS, but therefore beyond budget within the Ipswitch product line, or (b) is not in ICS, but must be found immediately nonetheless. A couple of posters have implied that they will move to Exchange, since their last best chance to avoid that move (a cheap ICS) hasn't been met; this makes sense as in option (a). Someone expecting needing envelope-level anti-spam rejections might move on as in option (b). But wherefore all the other cut-and-run posts? We're only now moving some of our last Novell 4.11 shops over to non-Novell OSs, and these clients have known for a shocking number of years that they would not be using NetWare when the time came to move on. Were we all angry at Novell for abandoning us when 5 and 6 both (in our opinions) sucked? Yes. Did _we_ abandon _them_ in revenge, when maintaining their most recent release didn't cost a thing? Certainly not overnight. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Fprot GDI Scanner lines.
> BTW, you forgot to mention the possibility of a Code Red type of > exploit where a worm crawls from server to server and installs it's > automatically infecting payload on the sites that it infects. That's because I was only mentioning e-mail-driven infection vectors. Browser-only attacks (spyware-driven, popups, whatever) are a whole other piece of the pie, as are out-of-band worms and so on. > I do a lot of graphic design work and haven't found a non-MS app yet > that had a vulnerable version of GDI on all of the machines that I > own. We have noted Flash MX, which has a bad copy that could readily pose a risk if it's in the PATH, even if not used by Flash itself. ("Although some Macromedia products do install a vulnerable version of gdiplus.dll, no Macromedia product uses this Microsoft graphics library to process JPEG images, therefore there is no security risk.") And, though we don't use it, many cross-platform Mac/PC shops do use FileMaker Pro 7, which ships with a bad copy. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Fprot GDI Scanner lines.
> It seems fairly certain that this virus will be released within an > encrypted zip Maybe, maybe not. The easiest way to get a payload delivered via e-mail right now is certainly to just pop a JPEG directly into an HTML message and rely on unpatched Outlook to render it; remember, launching a JPEG from an archive may end up launching a full-fledged photo editor that may not even be a Microsoft product. Another e-mail-driven infection vector will be messages from "known senders" with clickable text that simply generates an image/jpeg response stream for unpatched IE. EZIPs aren't my worry with this one. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Fprot GDI Scanner lines.
> How can we setup Declude Virus to look for multiple lines in the > report.txt file? Perhaps two almost-but-not-quite-identical SCANFILE entries with different REPORT entries...? Yes, double the resource utilization. Only a stopgap and not tested yet. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Attack?
> Of course this means that most "Out of office" messages will not > make their way into your system And you will be doing your users a great disservice by rejecting hop-one bounces. And you will get blacklisted. There is no informed, rational reason to disable all messages from the null sender. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] Attack?
> Declude never sees it anyway; never makes it to the queue. It errors > on the RCPT TO: line. With the Refuse Null Senders box checked, it > errors one command earlier, on MAIL FROM. Probably not enough to > make a difference. Actually, it would be a significant difference under load. But this is absolutely the wrong way to go about this. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] IMail?
> where can I buy IMail? (not at Ipswitch.com, cheaper :) Google and Froogle are your friends. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Second mail server
I'd recommend using ldap2aliases (see my sig) to synchronize the userbase into an alias table on the secondary. In normal operation, mail will be forwarded to the primary, enabling you (among other benefits) to save on a Declude license. _If_ the primary goes down hard, you'd then delete the alias key on the secondary, causing mail to be delivered locally on the secondary rather than being forwarded across the wire. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[3]: [Declude.Virus] BSOD and IMail-Server reboot
> I think we use a Real-Tek NIC for our IMail-Server. No matter what the nitty-gritty of the Intel issue, and no matter its current relevance to your issue, RealTek is about the last vendor I would use in a server. --Sandy ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] ANN: Availability of exchange2aliases 0.5.00, useful script for Exchange users
All, I've posted exchange2aliases, a VBScript that helps automate the cumbersome task of rejecting unknown users for remote domains. The script is designed specifically for those running IMail MXs, with or without Declude, in front of Exchange mailbox servers. In order to use the script, you first change your remote domains from classical store-and-forward domains with no local presence (save a HOSTS entry) to IMail virtual hosts with no users, a simple change. You'd then create a new recipient policy for your Exchange organization that allows users to receive mail at, for example, exchange.example.com in addition to their primary address at example.com (many Exchange setups already have such a policy in place because they use a .local AD domain). Make sure that IMail sees the MX for exchange.example.com as the Exchange server's internal IP, or hard-code the mailroute in HOSTS if you want. When you then run Exchange2aliases, either scheduled or ad hoc, it will scan all of the Exchange addresses for AD and SMTP domains you specify and create corresponding IMail aliases for each--thus allowing for envelope rejection on the IMail box. By default, exchange2aliases clears and replaces the entire _aliases table in IMail every time you run it, which would typically be the preferred behavior, but this behavior may be disabled using a command-line switch. The exchange2aliases command-line options are visible by running 'cscript exchange2aliases.vbs' after your download. Please post support questions as [OT] to the IMail or Declude forums to create a public archive. Regards, Sandy P.S. Also please note a URL change for SPAMC32 as shown in my signature. ---- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange Addresses into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] OT: Call for beta testers
All, While no one has protested, it's possible that the beta invitation might have looked like a commercial plug to some of you. We initially thought of indicating otherwise outright, but decided that it that might look as if _we_ had protested too much. For the record, this project is mostly underway to treat our Exchange clients to a taste of Sniffer and get a little more respect for our coding group. We currently expect to make MilterSink available free of charge. True, it's impossible to rule out a huge volume of feature requests and a pay (shareware-cheap) version down the line, but this is not in any current plan and was not the motivation for my post. Again, sorry if y'all felt spammed. Incidentally, I have kept this off the IMail Forum because it embraces competitive technology, even if free. --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] OT: Call for beta testers
All, MailMage is seeking beta testers for our latest utility, MilterSink. MilterSink is a highly configurable DLL event sink for Microsoft's IIS SMTP service (a.k.a. MS SMTP) allowing for the integration of command-line content scanners. Originally designed to wrap our SPAMC32 client for SpamAssassin, MilterSink can also be used with SortMonster's Message Sniffer or any console-mode milter, and even offers rudimentary support for Declude Junkmail. Basic actions to be taken on scanned messages include header insertion, subject modification, server-side quarantine, or deletion. Advanced features will include multiple milter support (up to four per server), compound tests, message rerouting, and more. All interested should subscribe to the miltersink-beta mailing list at http://listbot.cypressintegrated.com and pursue additional discussion there--I don't want to clutter this list. We'll give the list a couple of days to fill up and will likely distribute the 0.5.0 Beta on Wednesday. As always, documentation brings up the rear. :) Regards, Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Fwd: OT: JM/Virus modules
I have no idea why I forwarded that so sloppily. Sorry. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Fwd: OT: JM/Virus modules
[Scroll down for forwarded message] -Original message text--- From: Sanford Whiteman <[EMAIL PROTECTED]> To: [EMAIL PROTECTED]@declude.com Date: Wednesday, March 3, 2004, 1:55:39 PM Subject: OT: JM/Virus modules [Marking this as OT to de-escalate it on such a busy day.] I just wanted to put a word in for the (far future) separation of JM and Virus interim functionality. The new anti-zip flexibility looks great, but I've read and experienced enough of the continuing adjustment to interim functionality that I really never deploy interims anymore. Like many (most?) users, the huge majority of my Declude maintenance time is on the JM side, and I need that functionality to be as stable as possible. If Declude were to become more modular, with a core DECLUDE.EXE and DECJM.DLL and DECVIRUS.DLL, mightn't it be possible to introduce _some_ cool stuff for one product without any changes to the other? Of course, many changes--logging or any other shared routines--would surely involve changes in the core module and so an overall upgrade could not be completely avoided...but _some_ product enhancements could be slipstreamed in without regression worries in the other product. I can readily imagine that this would create a giant tangle relative to the current development process--I have even worried that my _own_ modular code should be consolidated for performance, especially when I build a process-centric product like Declude and have to accept DLL loading overhead on every execution--but the end result might be a little less apprehension. Just a thought, for the far future, and surely one voiced before. :) --Sandy -------- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/ ---End original message text- --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.Virus] OT Imail 7.07HF2
> Using SQL2000 and everything as it should be. I wouldn't say that, by definition. Does root have a user folder? Have you deleted and recreated the user (you can do so from SQL, and the GUI will 'protect' the new user). > I can assign another user same admin rights and can login and > administrate with that user but when I try 'root' it fails > completely. You mean '[EMAIL PROTECTED],' right? I presume you do, but just checking. > throws up an IE DNS error page. What is the failing URL? > Yeah, I hate that forum. You do? > If I don't get a response here I will just not bother with the > problem till later this month when I buy a contract from Imail. Wow, your optimism is not the norm. :) -Sandy --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.