COMPU:AW: [Declude.Virus] SMTP AUTH - Imail v6.06

2002-05-14 Thread Michael Tobisch 

Why not secure the lists(s) with a password?

Best wishes
---
Michael Tobisch
interactiveaustria
Wiesengasse 12
A-8160 Weiz
Tel +43 3172 4930
GSM +43 664 2126941
EMail [EMAIL PROTECTED]
Web http://www.iaa.at
---


> -Ursprüngliche Nachricht-
> Von: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]Im Auftrag von Jack Taugher
> Gesendet: Dienstag, 14. Mai 2002 19:16
> An: [EMAIL PROTECTED]
> Betreff: [Declude.Virus] SMTP AUTH - Imail v6.06
>
>
> (IMail v6.06 - SMTP AUTH)
>
> We need to enable SMTP AUTH for all of our clients -- we've found some
> device/person (IP) on the outside of our network spoofing emails
> to lists by
> the few users who are authorized list posters.
>
> In order to do this, is it best that we just check "No Mail Relay" on the
> server and make all of our users go through the few steps to do SMTP AUTH?
>
>
>
>
> ---
> [This E-mail was scanned for viruses by Declude Virus
> (http://www.declude.com)]
>
> This E-mail came from the Declude.Virus mailing list.  To
> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
> type "unsubscribe Declude.Virus".  You can E-mail
> [EMAIL PROTECTED] for assistance.  You can visit our web
> site at http://www.declude.com .
> ---
> Dieses E-Mail wurde von Declude Virus auf Virusfreiheit geprueft
> Ein Service von interactiveaustria, http://www.iaa.at
> ---
>
>

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

[Declude.Virus] Strange...

2004-06-07 Thread Michael Tobisch 
Title: Strange...






I had a problem recently with Declude. The mail server seemed not to deliver, and I had to spool the queue manually each time. No spam or virus tests were made and everything slipped thru.

After analyzing everything, I found out the following: I added the line


FORGINGVIRUS    Exploit-ObjectData


to the virus.cfg file (and the corresponding lines to SKIPIDVIRUSNAMEHAS... to the appropirate .eml files)


There was also the line

FORGINGVIRUS    Exploit-URLSpoof


in the virus.cfg file (and the SKIPIFVIRUSNAME... etc.)


After deleteing both lines and and inserting


FORGINGVIRUS    Exploit


Instead, everything worked fine.


I'm using Declude 1.75, and McAfee 4.0.4364/Scan Engine 4.2.60). Any answers?


(there were 21 lines before defining/skipping forging viruses, now there are 20:) 


FORGINGVIRUS    Bagle

FORGINGVIRUS    Braid

FORGINGVIRUS    Bridex

FORGINGVIRUS    BugBear

FORGINGVIRUS    Dumaru

FORGINGVIRUS    Exploit

FORGINGVIRUS    Fizzer

FORGINGVIRUS    Ganda

FORGINGVIRUS    Hybris

FORGINGVIRUS    Klez

FORGINGVIRUS    Lentin

FORGINGVIRUS    Magistr

FORGINGVIRUS    Mimail

FORGINGVIRUS    Mydoom

FORGINGVIRUS    Netsky

FORGINGVIRUS    Palyh

FORGINGVIRUS    Sober

FORGINGVIRUS    Sobig

FORGINGVIRUS    Vulnerability

FORGINGVIRUS    Yaha


Best wishes

Michael