RE: [Declude.Virus] Log file differences
Scott, Thanks I'll check with them. Ed Chabot The Marlin Firearms Company 100 Kenna Drive North Haven, CT 06473 (203)985-3254 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of R. Scott Perry Sent: Monday, December 03, 2001 10:29 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] Log file differences >I have been trying to get the Log File Analyzer to work and after sending a >copy of a log file to Stu, have determined that my version of Declude isn't >putting the ":" after the phrase "Virus=". Is it possible that I have an >older version of Declude that generated this text in the log files? Is it >possible that I control the way it logs it via my virus.cfg file? I believe the problem is that McAfee sometimes includes the ":" and sometimes does not (it sometimes saves a report file that uses "Found: Virus Name", and other times uses "Found Virus Name"). -Scott This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
Re: [Declude.Virus] Log file differences
>I have been trying to get the Log File Analyzer to work and after sending a >copy of a log file to Stu, have determined that my version of Declude isn't >putting the ":" after the phrase "Virus=". Is it possible that I have an >older version of Declude that generated this text in the log files? Is it >possible that I control the way it logs it via my virus.cfg file? I believe the problem is that McAfee sometimes includes the ":" and sometimes does not (it sometimes saves a report file that uses "Found: Virus Name", and other times uses "Found Virus Name"). -Scott This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
Re: [Declude.Virus] Strange log Entry
>I see this type of log entry in my declude logs about 2 or 3 times a day. >Can someone shed some light on it for me? > >11/30/2001 10:55:36 Qba0820e Warning: EOF in middle of MIME segment [] >[--2108ef124501dfae7a3ee072572b7fcf] That occurs when there is a malformed E-mail. Specifically, there is not MIME boundary separator indicating the end of the E-mail. This would occur if part of the E-mail was cut off. This seems to happen occasionally with spam, and also happened with the "Anna" virus (which caused it to pass through at least one SMTP-based AV program successfully). That message will only appear at LOGLEVEL HIGH or LOGLEVEL DEBUG. -Scott This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
[Declude.Virus] Log file differences
Scott, I have been trying to get the Log File Analyzer to work and after sending a copy of a log file to Stu, have determined that my version of Declude isn't putting the ":" after the phrase "Virus=". Is it possible that I have an older version of Declude that generated this text in the log files? Is it possible that I control the way it logs it via my virus.cfg file? Ed Chabot The Marlin Firearms Company 100 Kenna Drive North Haven, CT 06473 (203)985-3254 This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
[Declude.Virus] FW: Neu !! Jetzt Symantec Anti-Virus-Protection für IMail Server!!
Title: Nachricht I' ve got even the following message ... thus Symantec is the AV-producer behind this story. -Ursprüngliche Nachricht-Von: Gesendet: Montag, 3. Dezember 2001 14:54An: xxx Betreff: WG: Neu !! Jetzt Symantec Anti-Virus-Protection für IMail Server!! IMail Anti-Virus für IMail Server von Ipswitch Zuverlässiger Virenschutz für IMail ServerEinführungsangebot jetzt nutzen !! Powered by Symantec™ blah blah blah.
DSN:RE: [Declude.Virus] Virus Log File Analyzer
Ed, Thanks for the virus log file. I don't know why your version of Declude writes only the "virus=" without the ":". That would be a question for Scott in his spare time :) In the meantime we are just going to change the change the search string to not include the ":". This should fix your situation. Stu At 04:49 PM 11/30/2001 -0500, you wrote: >Stu, >I have changed the virus.cfg to LOGLEVEL MID and I can see the text "Virus=" >without the ":", and the analyzer doesn't pick up any viruses. Is there >some other setting? Do I have the wrong version of Declude? Any help is >appreciated. > >Ed Chabot >The Marlin Firearms Company >100 Kenna Drive >North Haven, CT 06473 >(203)985-3254 > - CSOnline Technical Support hours - Monday thru Saturday 7am - 1am CSOnline Technical Support Numbers Seneca814-677-2447 Clarion 814-227-3638 Meadville 814-425-1696 Parker724-399-1158 http://www.csonline.net http://www.cshowcase.com http://www.learncenter.com - This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
[Declude.Virus] Strange log Entry
I see this type of log entry in my declude logs about 2 or 3 times a day. Can someone shed some light on it for me? 11/30/2001 10:55:36 Qba0820e Warning: EOF in middle of MIME segment [] [--2108ef124501dfae7a3ee072572b7fcf] ^^^ Thank You, Steven Copeland Network Administrator Pioneer Telephone Cooperative, Inc. http://www.pldi.net http://www.pld.net http:/www.ptci.com *** We trained very hard. But it seemed that every time we were beginning to form into teams, we would be reorganized. I was to learn later in life that we tend to meet any new situation by reorganizing. And what a wonderful method it can be for creating the illusion of progress while producing confusion, inefficiency, and demoralization. GAIUS PETRONIUS ARBITER (First century A.D.) *** This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
