RE: [Declude.Virus] Confidentiality notice
Great, thanks!! -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Darin CoxSent: Thursday, October 13, 2005 11:49 AMTo: Declude.Virus@declude.comSubject: Re: [Declude.Virus] Confidentiality notice This has long been limited only to text-based emails, but Sandy released a utility in the past month See http://www.mail-archive.com/declude.virus@declude.com/msg12388.html Darin. - Original Message - From: Rodney Bertsch To: Declude.Virus@declude.com Sent: Thursday, October 13, 2005 11:31 AM Subject: [Declude.Virus] Confidentiality notice Hey all! I'm not sure if this is a function of Declude or I-Mail, but I am trying to add a confidentiality notice to the bottom of all our outgoing e-mails. I've been poking around and haven't seen anywhere that I can do this. Is anyone else using this and how do I enable it? Thanks, Rodney
[Declude.Virus] Sudden Internet Slowdown
Hello all! This may be off topic, but has anyone else experienced a sudden Internet slowdown this morning starting about 11:00 EST? We have locations across the country and are experiencing problems in about half our locations, most using SBC DSL for Internet service. Our primary Telnet app is DOA in these locations and e-mail and web surfing is slow everywhere. Thanks, Rodney Bertsch --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Sudden Internet Slowdown
Whew! Thanks for the updates! At least we know we're not alone in this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Colbeck, Andrew Sent: Friday, September 09, 2005 11:43 AM To: Declude.Virus@declude.com Subject: RE: [Declude.Virus] Sudden Internet Slowdown According to this: http://loadrunner.uits.iu.edu/weathermaps/abilene/ Most of the major links on the Internet are very busy. Interestingly, the Houston-Atlanta link is back up, and was hard down due to Katrina for a week. Andrew 8) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rodney Bertsch Sent: Friday, September 09, 2005 8:30 AM To: Declude.Virus@declude.com Subject: [Declude.Virus] Sudden Internet Slowdown Hello all! This may be off topic, but has anyone else experienced a sudden Internet slowdown this morning starting about 11:00 EST? We have locations across the country and are experiencing problems in about half our locations, most using SBC DSL for Internet service. Our primary Telnet app is DOA in these locations and e-mail and web surfing is slow everywhere. Thanks, Rodney Bertsch --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. attachment: winmail.dat
RE: [Declude.Virus] Sudden Internet Slowdown
Clean up on aisle 13, the Internet barfed again... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Matt Sent: Friday, September 09, 2005 11:49 AM To: Declude.Virus@declude.com Subject: Re: [Declude.Virus] Sudden Internet Slowdown Maybe someone should reboot the Internet. Matt Keith Johnson wrote: I am seeing this as we attempting to get to certain websites and they can't be displayed. Keith -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rodney Bertsch Sent: Friday, September 09, 2005 11:30 AM To: Declude.Virus@declude.com Subject: [Declude.Virus] Sudden Internet Slowdown Hello all! This may be off topic, but has anyone else experienced a sudden Internet slowdown this morning starting about 11:00 EST? We have locations across the country and are experiencing problems in about half our locations, most using SBC DSL for Internet service. Our primary Telnet app is DOA in these locations and e-mail and web surfing is slow everywhere. Thanks, Rodney Bertsch --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Not detecting viruses
I don't know why there wasn't a post about this here, but there's been a discussion in Declude.Junkmail about this issue as well. The problem I had was with my command line settings for F-Prot. The Declude manual used to give the command calling for f-prot.exe in the command line. However in this recent update of F-Prot it discontinued using that program and went with fpcmd.exe instead. The Declude on-line manual now lists both. The syntax I'm using is: SCANFILE C:\Progra~1\FSI\F-Prot\fpcmd.exe /TYPE /SILENT /NOMEM /ARCHIVE=5 /NOBOOT /DUMB /REPORT=report.txt VIRUSCODE 3 VIRUSCODE 6 REPORT Infection: Check and see which program you're calling. Rodney Bertsch IS Coordinator Kirk NationaLease Co. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Katie LaSalle-Lowery Sent: Wednesday, November 24, 2004 12:00 PM To: [EMAIL PROTECTED] Subject: [Declude.Virus] Not detecting viruses Downloaded F-Prot 3.16 yesterday and changed our configuration accordingly (I think). I've got something messed up. Not detecting viruses. The log shows virus free on every message. I'm getting emails from customers reporting threats getting through. I have strugged with f-stop but it is not running now and the log no longer indicates a problem with that. Thanks, Katie --- [This E-mail scanned for viruses by CENTRIC INTERNET SERVICES] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Issues with F-prot 3.16 or not?
I've tried the link several times and don't seem to be getting anywhere. The news release about 3.16a comes up, directs you to the Updates page, but when I log in the updates page only offers 3.16 dated November 17th. Anyone have a direct link to the update? Thanks, Rodney Bertsch IS Coordinator Kirk NationaLease Co. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Douglas Cohn Sent: Wednesday, November 24, 2004 1:18 PM To: [EMAIL PROTECTED] Subject: [Declude.Virus] Issues with F-prot 3.16 or not? OOOPs Just got this. FRISK Software has released version 3.16a of F Prot Antivirus for Windows. More information on this release can be found on our website: http://www.f-prot.com/news/gen_news/041124_release_win316a.html We recommend that users of F-Prot Antivirus for Windows update their programs to version 3.16a as soon as possible == I see a lot of posts surrounding F-prot 3.16. I have not updated my server yet. Is there an issue with it and declude? Should the fpcmd.exe line be changed from prior to 3.16? (Scott?) One thing I do notice when using the desktop scanner version of 3.16. It detects Word macros as viruses much more frequently. It also detects several utility programs as viruses that neither previous versions of F-prot nor Norton Corp 8.0 were detecting before. Zebra's printer driver--- C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\K52VK16B\ZNetUtil.zip could be an archive bomb MSDN downloads D:\CD Flat\msdn-extract\sms20sp3enu.exe-SP3enuCD/SMSSETUP/NETMON/ALPHA/McSvcps.dl l could be a corrupted executable file D:\CD Flat\W2K Server Reskit\W2KRESKIT\APPS\CRYSTAL\DISK12\CRWEXE.00_-(PackWord) could be a corrupted executable file D:\CD Flat\W2K Server Reskit\W2KRESKIT\APPS\CRYSTAL\DISK4\CRPEDLL.00_-(PackWord) could be a corrupted executable file Scan settings: Safe tools. E:\storage\Foundstone\udpflood.zip-udpflood.exe is a destructive program Virus-infected files in archives cannot be disinfected. E:\storage\InfoZip\Wiz.exe could be a corrupted executable file The scanning was aborted by the user, with infected or suspicious --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Microsoft GDI+ Security Update
Oh great... just what we need now. Another avenue for viruses to come after us? Does anybody know anything more about this JPEG vulnerability they're talking about? Are there even any viruses that use this yet? I haven't installed Microsoft's patch yet and wondered what other people's thoughts were on the issue. Thanks, Rodney Bertsch IS Coordinator Kirk NationaLease Co. attachment: winmail.dat
RE: [Declude.Virus] Microsoft GDI+ Security Update
Unfortunately this is from Microsoft's main web page, just click on the Critical Update in the upper right corner of the page. I'm still trying to figure out how a virus can hide in a JPEG? - Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry Sent: Wednesday, September 15, 2004 11:41 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] Microsoft GDI+ Security Update Does anybody know anything more about this JPEG vulnerability they're talking about? Every single JPEG (or other graphic format) vulnerability that I have heard of has been a hoax (including the one that McAfee sent out press releases about). One involved hiding information in the graphic (which is relatively easy to do, and has been known for years), and if you already are infected with a virus, you can get new viruses delivered via the graphic. I haven't heard about this one yet, however, if it is a new one. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Deactivation
1,000,000 praises to Declude and Scott!!! It's FANTASTIC!! The only reason we haven't migrated to a different mail program is because of Declude, not I-Mail. And Scott's service is FANTASTIC! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of marc catuogno Sent: Wednesday, April 07, 2004 1:24 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Deactivation I believe you are in the same exact situation you were before the trial. Imail would've passed on the spam and viruses too with out Declude. I would buy it, really, it is the only thing saving my butt... Marc -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mitch Hegstad Sent: Wednesday, April 07, 2004 1:01 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Deactivation I can't argue with that. I just wish I wasn't left in a worse situation than I was prior to setting up declude when it deactivated. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ncl Admin Sent: Wednesday, April 07, 2004 11:46 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Deactivation One would think that prior to the 30 day trial one would purchase declude and it would run forever! At 12:20 PM 4/7/2004 -0400, you wrote: What happens when the 30 days is up and declude deactivates? At that point, mail will be handled almost exactly the same as it was before Declude was installed (the core Declude code will still run, but E-mail will be delivered exactly as it had before). Are the virus's passed on to the users? Correct. The Declude Virus code will not run, so viruses will not be detected, and will be delivered to users exactly as they would be before the Declude Virus evaluation was installed. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] declude junkmail vs iMail Anti Spam feature
Johan, We've done the same thing and are also using the I-Mail spam filter. Declude does have a junkmail option which I'd very much like to switch to. However management seems satisfied with the spam filtering by I-Mail. As mail administrator though, I am FAR from satisfied with I-Mail's spam filtering. We still get a LOT of spam that slips through and a number of false positives. I have to spend part of my morning each day sifting through spam messages to see if any false positives were caught. As INCREDIBLE as Declude Virus is I can only imagine Declude Junkmail would be equally reliable. I am continually trying to convince our powers that be to migrate to Declude Junkmail. Good luck! Rodney BertschIS CoordinatorKirk NationaLease Co. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Johan DriesmansSent: Tuesday, March 30, 2004 3:43 PMTo: [EMAIL PROTECTED]Subject: [Declude.Virus] declude junkmail vs iMail Anti Spam feature Hi, We recently upgraded iMail from v7.07 to v8.05 We noticed that iMail also has an anti-spam feature. We where planning a licence upgrade from declude anti-virus to junkmail also... Who has experience with this and why should I buy junkmail also if iMail has the feature build in... Sorry I post this here, I'm only a declude antivirus user and follow only this mailinglist. Is there also a mailinglist about junkmail? Thanks Johan Driesmans
RE: [Declude.Virus] F-prot passing Netsky.P or variant?
Darin, Sounds exactly like what we had happen yesterday but the mail logs made it look like there was no attachment in the e-mail. Yet Norton caught an attachmentas Netsky.P. Something strange - Rodney -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Darin CoxSent: Thursday, March 25, 2004 10:17 AMTo: [EMAIL PROTECTED]Subject: [Declude.Virus] F-prot passing Netsky.P or variant? Anyone else having trouble with a lot of new viruses slipping through? I submitted two to F-Prot earlier this morning, but they are claiming that the attachments were Netsky.P. However, I have the latest virus defs from them and the virus logs clearly show them being scanned and virus free. I'm betting it's a new, fast-spreading variant or Netsky, but am curious as to what others are seeing.. Darin.
RE: [Declude.Virus] Netsky returns with auto-response
Now that Darin has posted something similar I have to ask... If Norton caught something that wasn't actually there, then what is the 28.8 kb file it put in quarantine? Could the virus have come through as text which didn't show as an attachment? Thanks, Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry Sent: Wednesday, March 24, 2004 4:09 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Netsky returns with auto-response 03/24/2004 11:02:31 Qb110d53600d64d81 Scanned: Virus Free If there is nothing after the Virus Free, that would indicate that there weren't any actual attachments. Most likely, the bounce message included something like Original message follows:, followed by the original message. In this case, it's actually a text file, but Norton is improperly treating it as a MIME file (so it sees a virus that really isn't there). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Netsky returns with auto-response
If this has been covered in the list please give me a keyword to search the archives so I can look up the fix, if not we're open for suggestions to halt this problem. We have declude 1.78i27 with the latest version of definitions for Innoculan. We've been catching tons of Netsky and others without a problem, until this one slipped through. Netsky spoofed our user's e-mail address as the sender and sent to [EMAIL PROTECTED] Amazon happily auto-responded with the full content of the e-mail and sent Netsky right into our users mailbox. First of all, it doesn't look like the e-mail was scanned at all since it was a return message. Secondly it contained a .PIF file attachment, which we block. So it appears it slipped past both safety checks. Luckily Norton caught the virus at the desktop level. Any help would be much appreciated. Thanks, Rodney Bertsch IS Coordinator Kirk NationaLease Co. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] New interim Declude Virus Pro to block bogus .bat, .com, .pif, and .scr files
Again, it is vital that people be very clear in their posts. I'm very close to turning this into a moderated list until this all blows over. Scott, I can certainly sympathize with what you are going through there. You do an OUTSTANDING job for us and I rank Declude as #1 in my book in all areas. I for one would GLADLY want you to turn this into a moderated list. My inbox is flooded as it is by virus notifications, add to the immense amount of posts on the declude list and it's all I can do to just wade through my e-mail. I subscribe to the declude list to keep up on all the latest virus info, not to read a hundred posts asking the same question over and over again. PLEASE go to a moderated list! Rodney Bertsch IS Coordinator Kirk NationaLease Co. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Scanning attachments
Of course if the idea catches on, the next big virus will come with a message that states Save the attached zapyou.xxx out to your local hard drive as zapyou.exe, run the program and you'll see naked pictures of Halle Berry! Just playing devil's advocate, I want to find a way to enable zip files too. - Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of John Carter Sent: Wednesday, January 28, 2004 2:24 PM To: 'Declude Anti-virus Forum' Subject: [Declude.Virus] Scanning attachments Does the extension name of a file play in the proper scanning of an attachment? IE: If we rename a ZIP file to say test.ziz to get by the ban on ZIPs. Will it still get scanned ok? (Idea is if I intentional rename the extension and I tell you in the message what I and how to save it, it is not likely to come from a virus sender like MyDoom. It is inconvenient, but so is chasing down virus infected machines.) Thanks, John --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Sobig, the next wave?
Is there a similar program that reports on SPAM mail (using I-Mail's included SPAM filter, not Junkmail)? I realize this is more of an Ipswitch question but I find there are much more informed folks over here. Thanks, Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pat Hastings Sent: Wednesday, August 27, 2003 9:36 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Sobig, the next wave? You can download it here http://www.csonline.net/imailstuff/viruslog.htm There is also a batch file that does a similar thing but I can't get it work (see post below). This is one of the tools available in the tools section on declude.com http://www.declude.com/tools/index.html Pat -Original Message- From: Jeff Maze - Hostmaster [mailto:[EMAIL PROTECTED] Sent: 27 August 2003 14:47 To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Sobig, the next wave? I don't think that's a dumb question 'cuz I would like to know that too.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sharyn Schmidt Sent: Wednesday, August 27, 2003 8:36 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Sobig, the next wave? vir0819.log 437 437 vir0820.log 2,939 2,939 vir0821.log 3,937 3,937 vir0822.log 2,755 2,755 vir0823.log 275 275 vir0824.log 91 91 vir0825.log 8,525 8,525 vir0826.log 17,099 17,099 Forgive the dumb question, where did you get this cool log counter thing? Sharyn We are the worldwide producer and marketer of the award winning Cruzan Single Barrel Rum, judged Best in the World at the annual San Francisco Wine and Spirits Championships. For more information, please click (go to) htmla href=http://www.cruzanrums.com;www.cruzanrums.com/a/html --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. attachment: winmail.dat
RE: [Declude.Virus] SoBig.f email coming through
I understand that SoBig comes with a .pif attachment. I have .pif files among my banned extensions but haven't seen a single incident of this virus coming in. It hasn't been caught as a virus or a banned extension. Are we just extremely lucky or should I be worried I'm missing something? No reports from any users that their desktop scanners have detected it yet either. As far as I can tell we're safe here. Rodney Bertsch IS Coordinator Kirk NationaLease Co. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Minmail slipped through
Hello, We'd been going along just find catching minmail right and left, then a few minutes ago a copy slipped in. It wasn't detected by the desktop scanner either, even though definitions are up to date. What address do I send a copy of this minmail to have you folks check and see if it might be a defective version of the virus? Thanks, Rodney Bertsch --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] M e s s a g e . z i p possible virus
What's the best way to trap this in I-Mail? I tried adding m e s s a g e . z i p to the list of captures for message header, but a test came right on through? Thanks, Rodney BertschIS CoordinatorKirk NationaLease Co. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of John Tolmachoff (Lists)Sent: Friday, August 01, 2003 1:35 PMTo: [EMAIL PROTECTED]Subject: RE: [Declude.Virus] M e s s a g e . z i p possible virus The ones I got came from 204.73.176.250 John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell LaRockSent: Friday, August 01, 2003 10:20 AMTo: [EMAIL PROTECTED]Subject: RE: [Declude.Virus] M e s s a g e . z I p possible virus We are getting pounded by this. Literally 100s per minute. They are all coming from 198.45.18.20. Darrell Darrell LaRock Systems Analyst Gannett Television 716-849-2272
RE: [Declude.Virus] Banned extension - MDB
But they wouldn't self execute would they? You would still have to open the Access DB first before there were problems. Putting the ZIP restriction in there wouldn't really protect any farther, just one more step to get to the bad macros. Or am I missing something here? Can the MDB file be made to execute automatically just by receiving the e-mail? What about Word and Excel files? They can also contain macros, can they be made to execute automatically just by opening the e-mail? Thanks, Rodney Bertsch IS Coordinator Kirk NationaLease Co. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Smart Business Lists Sent: Monday, February 24, 2003 10:12 AM To: Rodney Bertsch Subject: Re: [Declude.Virus] Banned extension - MDB Rodney, Monday, February 24, 2003 you wrote: RB I tried to find some RB supporting documentation as to exactly why the MDB file extension is unsafe RB to send but was unable to find any because you can put macros in it and macros can be vicious. Terry Fritts --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Banned extension - MDB
Thanks gang, much appreciated!! - Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Smart Business Lists Sent: Monday, February 24, 2003 10:32 AM To: Rodney Bertsch Subject: Re: [Declude.Virus] Banned extension - MDB Rodney, Monday, February 24, 2003 you wrote: RB But they wouldn't self execute would they? With a little JavaScript in an html carrier or a few other ways I can imagine it could be made to open. RB You would still have to open the Access DB first before there were RB problems. Putting the ZIP restriction in there wouldn't really RB protect any farther, just one more step to get to the bad macros. Yes, the database has to open. But putting it in the zip means that it has to be unzipped before it can open. RB Or am I missing something here? Can the MDB file be made to execute RB automatically just by receiving the e-mail? It can if the client is using Outlook or Outlook Express and does not have proper security settings. It might even if the security settings are proper. RB What about Word and Excel files? They can also contain macros, can they be RB made to execute automatically just by opening the e-mail? Yes. Terry Fritts --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] BANEXT settings
Thanks, will do Scott! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of R. Scott Perry Sent: Wednesday, September 04, 2002 2:07 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] BANEXT settings I just implimented the BANEXT in my virus.cfg and added the bannotify.eml to my Declude directory. The notify only goes out to the sender and I would like to know when a banned extension tries to come in as well. I know I could just add an additional entry to the to: field of bannotify.eml but I'd rather not advertise to the sender that I'm getting the notify as well. Is there a way to BCC or is there another EML type that I can use to notify the postmaster? There is no way to add a Bcc: field -- the only way you can get a copy as well is by adding yourself to the To: line (To: %MAILFROM%,[EMAIL PROTECTED]). -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] OT Mail server crashes
Hello, I'm not sure if we are having the exact same problem or if this is a variant. At least once a week our mail server seems to get clogged with e-mail. 20 or 30 spool (*.vir) directories get created in imail\spool along with a matching batch of cmd processes running in task manager. If left alone things usually clear out in an hour or so but in the meanwhile e-mail grinds to a pathetic crawl. It's not unusual for it to take 30 or 40 minutes for an e-mail to process (incoming or outgoing). I always worry that during these bogged times viruses may be slipping through unnoticed. Rodney Bertsch --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
RE: [Declude.Virus] OT Mail server crashes
Scott, Nope, no crashes happening. Though if you listen to the users who aren't getting e-mail you'd think it was the end of the world at least. I've checked the CPU utilization before and not seen anything that red flagged as a problem. The next time it happens I'll pay closer attention to it. I'm not sure how to go about checking for a sudden high volume of e-mail. Is there a utility that graphs out # of e-mails on an hourly basis or something? My timeout setting is: SCANNERTIMEOUT 3600 which translates to 60 minutes. This is about how long these bouts last. What could freeze these processes like that? And if this is what's happening doesn't that mean all these timed out e-mails are NOT getting scanned for virii? Also, on a possibly related issue. Once in a while we get a single *.vir directory that locks up in the spool directory. The *.vir directory is empty, but it refuses to go away. I can't delete it either. The only thing I can do is reboot the server, that releases the lock and allows me to delete the empty folder. - Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of R. Scott Perry Sent: Wednesday, June 26, 2002 12:42 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] OT Mail server crashes I'm not sure if we are having the exact same problem or if this is a variant. It sounds like a very different problem, as you haven't mentioned the server crashing. At least once a week our mail server seems to get clogged with e-mail. 20 or 30 spool (*.vir) directories get created in imail\spool along with a matching batch of cmd processes running in task manager. If left alone things usually clear out in an hour or so but in the meanwhile e-mail grinds to a pathetic crawl. It's not unusual for it to take 30 or 40 minutes for an e-mail to process (incoming or outgoing). Have you sorted the processes by CPU usage in the Task Manager to see if there are other processes (besides Declude and the virus scanner) that are taking up a lot of CPU time (which would slow down the scanning)? Have you checked to see if there was a reason for an unusually high volume of E-mail at the time? I always worry that during these bogged times viruses may be slipping through unnoticed. It shouldn't. I believe that IMail will wait 2 hours before assuming that a locked spool file is safe to deliver (which would allow it go go unscanned), and I have never heard of it taking that long. And, with Declude Queue running, if some of the files are in the \IMail\spool\overflow directory (which they should be when you hit maximum capacity), IMail can't deliver them, so they are safe. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
RE: [Declude.Virus] OT Mail server crashes
Try changing that to 60. 3600 is awful high. Ok, will see what happens. Are there any errors in the Declude virus log? I'm set to loglevel mid and see no reports of errors during those times. E-mail seems to process through ok as far as the report reads. Has anything changed on the anti-virus software you use? No changes, still catching viruses as normal. Which anti-virus software do you use? Inoculan. Thanks, Rodney --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
[Declude.Virus] E-Mail Count
Hello, I've recently downloaded the Virus Log Analyzer and love the report it generates. The only thing it's missing is a breakdown on regular e-mail as to # incoming and # outgoing. Is there a way to generate this? Thanks, Rodney --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
RE: [Declude.Virus] Virus name reporting for InoculateIT
Ours comes down through our auto-download process. After hearing your troubles I definitely don't think we'll be upgrading our Inoculan anytime soon! ;-) -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stan BuckSent: Wednesday, May 15, 2002 3:54 PMTo: [EMAIL PROTECTED]Subject: Re: [Declude.Virus] Virus name reporting for InoculateIT Here's the reply from CA tech support: "The scan from the DOS mode will not able to report the virus name, even thesummary will display about the infection and will take necessary action, theonly way to find out is using scan from the windows mode." So I asked them where I could download a copy of inocucmd.exe, since it isn't obvious on their website. We'll see what they say. Stan - Original Message - From: Rodney Bertsch To: [EMAIL PROTECTED] Sent: Wednesday, May 15, 2002 7:58 AM Subject: RE: [Declude.Virus] Virus name reporting for InoculateIT Here's a similar test from my system: *** InoculateIT AntiVirus Summary Listing *** 05-13-2002 13:58:42 Engine version: 35.02 05/02/2002Data version: 35.52 05/09/2002Examining Workstation Memory...No Viruses Were Detected In Workstation MemoryScanning INOCUCMD.EXE. Please wait ...No Viruses Were Detected in INOCUCMD.EXETarget Directory: [C:\IMAIL\SPOOL\DFECE1B2.VIR]Target Files: [*.*][DOS][C:\IMAIL\SPOOL\DFECE1B2.VIR\0.COM] is infected by virus [EICAR test file] Total Files Scanned: 2Total Bytes Scanned 368Total Viruses Found: 1Total Infected Files Found: 1Total Elapsed Time: 00:00:01Scan Type: Secure *** End Of Summary *** - Rodney
RE: [Declude.Virus] Virus name reporting for InoculateIT
We're running InoculateIT for Windows NT version 4.53. We download the updated Inocucmd.exe along with the definitions on a regular basis. I wonder if the Inocmd32.exe generates a different type of report from what we get then? - Rodney -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stan BuckSent: Monday, May 13, 2002 12:11 PMTo: [EMAIL PROTECTED]Subject: Re: [Declude.Virus] Virus name reporting for InoculateIT I believe that Inocluan is an earlier program than InoculateIT. At any rate, I can't find a copy of inocucmd.exe anywhere. Here's what the docs say about it: The INOCUCMD.EXE Command Line Scanner is for use only with the Rescue Disk made for the InoculateIT engine and Windows 9x workstations. For all other command line operations for all platforms, use the INOCMD32.EXE Command Line Scanner. Which is what we use. Maybe I'll try making a Win98 Rescue Disk and see if it turns up there and give it a try. Stan - Original Message - From: Rodney Bertsch To: [EMAIL PROTECTED] Sent: Monday, May 13, 2002 11:15 AM Subject: RE: [Declude.Virus] Virus name reporting for InoculateIT Hello, Yes, we use Inoculan and get the virus names no problem. We need to compare notes and see what we have configured differently. Here is a piece of our scan.bat that Declude calls; INOCUcmd.exe %1 /LIS %1\report.txt - Rodney -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stan BuckSent: Monday, May 13, 2002 10:59 AMTo: [EMAIL PROTECTED]Subject: [Declude.Virus] Virus name reporting for InoculateIT We use Computer Associate's InoculateIT 6.0 as our antivirus program. It's command line scanner, inocmd32, works very well with Declude, but it doesn't report the name of any virus found. I can get it to generate a report.txt file, but even with the verbose switch it doesn't give the name. If there's anyone else who uses this program and knows how to get it to report virus names, I'd appreciate hearing about it!
[Declude.Virus] Lost Outlook
I have a unique problem that I swear is 100% user stupidity, but they swear they're not at fault so I'm asking you folks if you've heard of anything like this. In the last month or so I've had three users complain about not being able to get into their Outlook database. The first two kept their Outlook.PST on their local hard drive and the third (just now) had their file on the network file server. When I checked their PCs I found the outlook.pst file was gone, deleted, vanished, MIA. One user reluctantly admitted he'd been doing some file cleaning and had even purged his recycle bin for good measure. All three swear they never deleted their PST file, but it's gone none the less. I'm restoring the file from last night's backup for today's user but the other two were lost as it was local to them. Has anybody heard of any virus that might do this sort of thing? Inoculan is protecting our I-Mail server and catching other viruses right and left, Norton is on every desktop with latest definitions. I find no viruses anywhere. But after my third user with this issue I had the need to ask. Thanks, Rodney Bertsch IS Coordinator Kirk NationaLease Co. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
RE: [Declude.Virus] MISSING_REVERSE_DNS:Leftover files and dirs
Looks like there are d*.smd and t*.smd files. The only q* files I have are q*.gse, q*.ntf, q*.gmp and q*.smp. I e-mailed the virus.cfg and vir*.log file. Would a directory listing help? - Rodney -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of R. Scott Perry Sent: Thursday, December 06, 2001 11:40 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] MISSING_REVERSE_DNS:Leftover files and dirs We're having trouble recently with virus scanning with Declude. Several times lately the *.vir directories that Declude creates as temporary scan areas will fill up in our imail\spool folder. These directories contain a simple report.txt file saying no virus's had been found, but the directories do not get automatically deleted. If you E-mail me your \IMail\Declude\virus.cfg and \IMail\spool\vir.log files, I can take a look to see why this is happening. Also I notice several *.smd files just floating in the imail\spool folder. They appear to be unsent e-mails, so I don't want to just delete them. I don't know why they are hanging out there and how to get rid of them properly. If there is only a D*.smd file, and not a corresponding Q*.smd file (IE you see D1234567.SMD but not Q1234567.SMD), that's because IMail couldn't deliver the E-mail, and couldn't send a bounce message back. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
MISSING_REVERSE_DNS:RE: [Declude.Virus] Magstr.39921
Mine didn't catch it using Inoculan 4.0. My Norton desktop scanner didn't peep either. Kinda scary! Rodney Bertsch -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sharyn Schmidt Sent: Monday, October 08, 2001 11:42 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Magstr.39921 The Declude installed on my mail server nabbed this :) Sharyn -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dan Spangenberg Sent: Monday, October 08, 2001 11:37 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Magstr.39921 I received this message with several attached files, .mbx .srt .iud. So either they aren't infected, or Fprot also let them through here. Anyone else? Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Serge Dergham Sent: Monday, October 08, 2001 9:22 AM To: [EMAIL PROTECTED] Subject: [Declude.Virus] Magstr.39921 Attached is the Imail Mailbox with a virus tha got thru today Declude+fprot Please check and let us know Thanks - Original Message - From: R. Scott Perry [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, October 08, 2001 1:17 PM Subject: Re: [Declude.Virus] Declude Confirm for sending email to lists? Ideally on large lists the sender should have to send the message, receive a confirmation request, and then send a confirming message, in the same style as a Declude Confirm used for subscription. That way a forged message can't get distributed as if it were legitimate. Any solutions? Could Declude Confirm be configured or extended to take this role? I don't think this could be done with Declude Confirm, nor do I know of any other way to accomplish it. This is something we may consider adding to Declude Confirm. One option in the meantime would be to use passwords (depending on the type of list, that may or may not be convenient). -Scott This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . We are the worldwide producer and marketer of the award winning Cruzan Single Barrel Rum, judged Best in the World at the annual San Francisco Wine and Spirits Championships, and the artisan tequilas of Porfidio 100% Agave Tequilas, judged Best Tequila four years running by the Wine Enthusiast magazine. For more information, please click (go to) htmla href=http://www.cruzanrums.com;http:///aa href=http://www.cruzanrums;www.cruzanrums.com/a/html This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
RE: [Declude.Virus] MISSING_REVERSE_DNS:Declude with CA-InoculateIT
Hello, We're running Innoculan V4.00 and IMail 7.00. So far no problems. We're very happy with the results. - Rodney Bertsch -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Monday, September 24, 2001 9:36 AM To: [EMAIL PROTECTED] Subject: [Declude.Virus] MISSING_REVERSE_DNS:Declude with CA-InoculateIT Hi all, I'm new to the list, I would like to ask if somebody is using declude-virus with CA-InoculateIT Enterprise v. 4.53 and Imail server 7.0x and if there are any known problem. Thanks in advance for your time, Best Regards. Bruno Cominotti ASI SpA Mantova - ITALY This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
MISSING_REVERSE_DNS:RE: [Declude.Virus] Is anyone catching Nimda with McAfee
We got hit by Nimda last week too and now have our server and workstations cleaned up from it. We have the latest definitions (Inoculan) and have been able to actively scan for viruses but have not seen any reports of Nimda coming in through Declude. When we were hit it toasted our *.eml files for Declude notification so even though it was catching viruses no e-mail notifications were coming through. I had to restore to pre-Nimda *.eml files to get the notify's going again. We haven't had any reports of additional users infected with Nimda so we __assume__ we are ok. It would be nice to see Declude nab an incoming Nimda though just so I can rest easy. - Rodney Bertsch -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jim Cochran Sent: Monday, September 24, 2001 11:28 AM To: [EMAIL PROTECTED] Subject: [Declude.Virus] Is anyone catching Nimda with McAfee Hello all, I am using Declude on our IMail server and have the latest DAT file from McAfee. We catch 100's of SirCam and W32Magistr but still haven't caught a single instance of Nimda. We just got our network cleaned up. Is anyone having any luck with McAfee. Should I consider switching to FProt. Thanks Jim Cochran This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
[Declude.Virus] Closed/Open Relay
Hello, I have a fairy stupid sounding question to ask. While diagnosing a remote location's e-mail troubles I had a tech from an ISP ask me if our mail server was Open or Closed Relay. I didn't understand the question and felt quite dumb for not knowing. Do you know if I-Mail is open or closed and what exactly that means? Thanks, Rodney Bertsch This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus. You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .