It's nothing that you did, Mitch.
I brought it up because I thought it was at least worth a quick discussion
to reassure some of our less outspoken members who were wondering the same
thing...
Also, I wanted to know if the new listserver was stripping attachments.
Apparently it is but it will let some of the text ones through. That's
probably a good thing in that for the longest time we had difficulty posting
code and trace logs because of the no attachment rule. Either way, now we
know...
> -----Original Message-----
> From: Mitch Clarvit [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, March 14, 2001 7:07 AM
> To: Henrik Tougaard; 'Michael A. Chase'; Tim Harsch; [EMAIL PROTECTED]
> Subject: RE: InterScan NT Alert
>
>
> My apologies to everyone...believe me, it scared me as well when
> I received
> the alert!
>
> -----Original Message-----
> From: Henrik Tougaard [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, March 14, 2001 1:06 AM
> To: 'Michael A. Chase'; Tim Harsch; [EMAIL PROTECTED]
> Subject: RE: InterScan NT Alert
>
>
> Your suspicion is not quite right.
> It a virus checker, that as default suspects quite short (~50 chars) mime
> separators as potential vira or trojans or something.
> The security manager at news.com.au should change the configuration to
> something reasonable (eg some a tad longer that the solaris mailing system
> uses as default).
>
> The system is also so incredibly stupid, that the alert is sent to all
> recipients of the message (ie this list), but *not* to the original sender
> and not to the person that is was intended for. Explanation: is a
> *!#$£%&£$@@ NT product, that has absolutely no clue as to envelope sender
> and recipients, but only look at the headers (and just bare and quite
> cluelessly at that). It is rumoured to work quite well with some
> MS-mailers
> (like the one I have been @£$#¤"&**** forced to use).
>
> Henrik Touggard, FOA, Denmark
> Who knows all this because his system spammed p5p with masses of this....
>
> > -----Original Message-----
> > From: Michael A. Chase [mailto:[EMAIL PROTECTED]]
> > Sent: 13. marts 2001 20:10
> > To: Tim Harsch; [EMAIL PROTECTED]
> > Subject: Re: InterScan NT Alert
> >
> >
> > My suspicion is that it's a security check for one of the list's
> > subscribers. The post contained fragments of HTML which was
> > mistaken for an
> > attack on the mail reader.
> >
> > Take two aspirin (or don't) and it should go away. Your
> > question and my
> > reply will probably trigger the same complaint.
> >
> > The current server is spotty about stripping attachments.
> > Some text ones
> > get through, but not always.
> > --
> > Mac :})
> > ** I normally forward private database questions to the DBI
> > mail lists. **
> > Give a hobbit a fish and he'll eat fish for a day.
> > Give a hobbit a ring and he'll eat fish for an age.
> > ----- Original Message -----
> > From: "Tim Harsch" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Tuesday, March 13, 2001 10:29 AM
> > Subject: RE: InterScan NT Alert
> >
> >
> > > OK. Maybe one of you guys who know security stuff better
> > than I do can
> > > explain this email. Who is [EMAIL PROTECTED]?
> > >
> > > Does this mean that the email by Mitch Clarvit (which had
> > an attachment)
> > had
> > > a virus?
> > >
> > > Also, didn't the old list server used to strip attachments?
> > >
> > > > -----Original Message-----
> > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > > > Sent: Monday, March 12, 2001 2:25 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: InterScan NT Alert
> > > >
> > > >
> > > > Receiver, InterScan has detected virus(es) in the e-mail
> > attachment.
> > > >
> > > > Date: Tue, 13 Mar 2001 09:24:48 +1100 (AUS Eastern Daylight Time)
> > > > Method: Mail
> > > > From: <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > > File: 'Community' VALUE=$community>"; print
> > > > "<INPUT TYPE='hidden' NAME='task' VALUE='Edit'>"; print
> > > > "<INPUT TYPE='SUBMIT' VALUE='OK'>"; print " Try
> > > > again?"; print "</FORM>"; print "</FORM>";print
> > > > "<FORM METHOD=''
> > > > ACTION='http://10.1.9.20/courses/coursedata.html'>";print "<INPUT
> > > > TYPE='SUBMIT' VALUE='OK'>";print "<B> Choose another
> > > > option?<B>";print "</FORM>";
> > > > Action: cleaned
> > > > Virus: Email_Flaw_MIME_Tag_Overflow
> >
> >
>
>
