Re: [Declude.Virus] Outlook 'CR' Vulnerability from Thunderbird ???

2005-08-12 Thread Don Brown 
Thanks.


Friday, August 12, 2005, 9:47:16 AM, Matt <[EMAIL PROTECTED]> wrote:
M> Here's what I turned off:

M> ALLOWVULNERABILITYOLCR
M> ALLOWVULNERABILITYOLSPACEGAP
M> ALLOWVULNERABILITYOLMIMESEGMIMEPRE
M> ALLOWVULNERABILITYOLMIMESEGMIMEPOST
M> ALLOWVULNERABILITYOLLONGFILENAME
M> ALLOWVULNERABILITYOLBLANKFOLDING
M> ALLOWVULNERABILITYOBJECTDATA
M> ALLOWVULNERABILITYOLBOUNDARYSPACEGAP

M> This only works with 2.0.6.14+.  There are more that are listed when you
M> log into your account on declude.com and go to the page for 2.0.6.16.
M> All of the above were producing repeated false positives from multiple
M> sources, and ones like OLCR were especially problematic.

M> Matt



M> Don Brown wrote:

>>
>>Thursday, August 11, 2005, 10:50:32 PM, Matt <[EMAIL PROTECTED]> wrote:
>>M> David,
>>
>>M> With 2.0.6.16, which is available from the Declude site, you can turn 
>>M> off the Outlook CR Vulnerability.  I have turned off all but a couple of
>>M> these because of numerous false positive issues.
>>
>>Which ones have you turned off and what is the syntax to use?
>>
>>
>>
>>
>>
>>Don Brown - Dallas, Texas USA Internet Concepts, Inc.
>>[EMAIL PROTECTED]   http://www.inetconcepts.net
>>(972) 788-2364Fax: (972) 788-5049
>>
>>
>>---
>>This E-mail came from the Declude.Virus mailing list.  To
>>unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
>>type "unsubscribe Declude.Virus".The archives can be found
>>at http://www.mail-archive.com.
>>
>>
>>  
>>
M> ---
M> This E-mail came from the Declude.Virus mailing list.  To
M> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
M> type "unsubscribe Declude.Virus".The archives can be found
M> at http://www.mail-archive.com.




Don Brown - Dallas, Texas USA Internet Concepts, Inc.
[EMAIL PROTECTED]   http://www.inetconcepts.net
(972) 788-2364Fax: (972) 788-5049


---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

Re: [Declude.Virus] Outlook 'CR' Vulnerability from Thunderbird ???

2005-08-12 Thread Matt 

Here's what I turned off:

ALLOWVULNERABILITYOLCR
ALLOWVULNERABILITYOLSPACEGAP
ALLOWVULNERABILITYOLMIMESEGMIMEPRE
ALLOWVULNERABILITYOLMIMESEGMIMEPOST
ALLOWVULNERABILITYOLLONGFILENAME
ALLOWVULNERABILITYOLBLANKFOLDING
ALLOWVULNERABILITYOBJECTDATA
ALLOWVULNERABILITYOLBOUNDARYSPACEGAP

This only works with 2.0.6.14+.  There are more that are listed when you 
log into your account on declude.com and go to the page for 2.0.6.16.  
All of the above were producing repeated false positives from multiple 
sources, and ones like OLCR were especially problematic.


Matt



Don Brown wrote:



Thursday, August 11, 2005, 10:50:32 PM, Matt <[EMAIL PROTECTED]> wrote:
M> David,

M> With 2.0.6.16, which is available from the Declude site, you can turn 
M> off the Outlook CR Vulnerability.  I have turned off all but a couple of

M> these because of numerous false positive issues.

Which ones have you turned off and what is the syntax to use?





Don Brown - Dallas, Texas USA Internet Concepts, Inc.
[EMAIL PROTECTED]   http://www.inetconcepts.net
(972) 788-2364Fax: (972) 788-5049


---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.


 


---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

Re: [Declude.Virus] Outlook 'CR' Vulnerability from Thunderbird ???

2005-08-12 Thread Don Brown 



Thursday, August 11, 2005, 10:50:32 PM, Matt <[EMAIL PROTECTED]> wrote:
M> David,

M> With 2.0.6.16, which is available from the Declude site, you can turn 
M> off the Outlook CR Vulnerability.  I have turned off all but a couple of
M> these because of numerous false positive issues.

Which ones have you turned off and what is the syntax to use?





Don Brown - Dallas, Texas USA Internet Concepts, Inc.
[EMAIL PROTECTED]   http://www.inetconcepts.net
(972) 788-2364Fax: (972) 788-5049


---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

Re: [Declude.Virus] Outlook 'CR' Vulnerability from Thunderbird ???

2005-08-11 Thread Matt 

David,

With 2.0.6.16, which is available from the Declude site, you can turn 
off the Outlook CR Vulnerability.  I have turned off all but a couple of 
these because of numerous false positive issues.


As far as this message goes, it is almost definitely their antivirus 
scanning product that munged the headers (X-AntiVirus: gadoyanvirus 
0.3), but it could be something else that adds or rewrites headers.  
They certainly look strange to me, and possibly not RCF compliant 
outside of the CR issues.


Thunderbird definitely has no issues with this, nor does almost every 
legitimate E-mail client out there, but people that script E-mail 
generation (especially PHP stuff) or use obscure products seem to have 
issues with this frequently enough that it is not worth the trouble.  If 
there was ever an exploit spreading actively in the wild, I would 
rethink my position.  I believe that Microsoft has long since patched 
the flaw, though it can certainly cause parsing issues in virus scanners 
that could lead to missing the payloads due to a message that was 
improperly formatted.


Matt





David Dodell wrote:


Had email from a company today (Photodex) rejected due to the Outlook
'CR' Vulnerability but from the headers it looks like the email
originated from Thunderbird as the email client ... see headers below
...

Is it time to drop the Outlook vunerbility test??

David

Received: from eman.photodex.com 
[64.132.190.157]
by drdodell.com 
(SMTPD32-8.05) id AB6E1D23028A; Thu, 11 Aug 2005 10:31:26 -0700

Received: (qmail 7712 invoked from network); 11 Aug 2005 17:31:26 -
X-AntiVirus: gadoyanvirus 0.3
Received: from unknown (HELO ?10.10.0.149?) (10.10.0.149
) by eman.vpn.photodex.com  with SMTP; 11 Aug
2005 17:31:26 -

Message-ID: <[EMAIL PROTECTED]>
X-Photodex-Original-Date: Thu, 11 Aug 2005 12:32:11 -0500
From: Photodex Corporation - Chris <[EMAIL PROTECTED]>
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
Subject: Re: ProShow Gold Support Request
References: <[EMAIL PROTECTED]>
In-Reply-To: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Date: Thu, 11 Aug 2005 12:31:26 -0500 David,
X-Declude-Sender: [EMAIL PROTECTED] [64.132.190.157
]X-Spam-Tests-Failed: None [0]
X-Country-Chain:
X-Note: This E-mail was sent from ([64.132.190.157 
]).
X-Hello:
X-Declude-Virus: Detected [ Outlook 'CR' Vulnerability].

-
Internet Dental Forum  www.internetdentalforum.net
Dentalcast Podcast www.dentalcast.net

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.


 


---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

Re: [Declude.Virus] Outlook 'CR' Vulnerability

2003-04-02 Thread R. Scott Perry 

Does a Outlook 'CR' Vulnerability virus alert always mean malicious
intent?  It seems that a lot possible spam gets flagged like this.
It doesn't always mean malicious intent -- it does, however, indicate that 
it is not possible to automatically detect whether or not the E-mail is 
malicious (and therefore it should be assumed that the E-mail is malicious 
until proven otherwise, even though it probably was just poorly constructed).
-Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

Re: [Declude.Virus] Outlook 'CR' vulnerability

2003-03-04 Thread R. Scott Perry 

We have the same problem...
Please let me know if you found a workaround...
The only workarounds are:

[1] To have the sender fix the problem, and stop sending dangerous 
vulnerabilities, or
[2] Disable vulnerability detection, and allow future viruses to be 
delivered unscanned.

Given the severity of #2, we strongly recommend that people go with option 
#1 and prevent the vulnerability from being sent.
  -Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

Re: [Declude.Virus] Outlook 'CR' vulnerability

2003-03-04 Thread Stéphane Grenier 
We have the same problem...
Please let me know if you found a workaround...

Thanks !

Stef

- Original Message -
From: "David Lewis-Waller" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:22 AM
Subject: [Declude.Virus] Outlook 'CR' vulnerability


> A company recently complained to us that an emails they send were being
> trapped by Declude Virus marked as having a Outlook 'CR' vulnerability.
> I checked on this and could not find a CR in then subject line of
> several emails from them held in the virus directory - any clues?
>
> David
>
> ---
> [This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]
>
> ---
> This E-mail came from the Declude.Virus mailing list.  To
> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
> type "unsubscribe Declude.Virus".The archives can be found
> at http://www.mail-archive.com.
>

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

RE: [Declude.Virus] Outlook 'CR' Vulnerability

2002-11-12 Thread John Tolmachoff 
I should also add that they do not have a valid sender.

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com



---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

RE: [Declude.Virus] Outlook 'CR' Vulnerability

2002-11-12 Thread Uhte, Russ 
John,
I've seen a TON of these...  What I've noticed is that there is always one
letter missing in the subject line... Usually at the beginning...  This also
peak my curiosity... But I haven't been able to figure out why/what it is...
-Russ

-Original Message-
From: John Tolmachoff [mailto:jtolmachoff@;reliancesoft.com] 
Sent: Tuesday, November 12, 2002 9:51 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] Outlook 'CR' Vulnerability


During the last 8 hours, Declude Virus has caught 4 messages with the
Outlook "CR" Vulnerability. While this in it self is a little different, as
usually I only see 4 in 7 days, what really makes these stand out is they
all have subject lines related to adult material.

Each one is addressed to a different user on a different virtual domain.
Each one comes from a different IP address range.

The only thing I can see they have in common is the Outlook "CR"
Vulnerability.

Has anyone else seen this pattern? Could this be some kind of new virus?

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com


---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.
---
[This E-mail scanned for viruses by Declude Virus]


---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

RE: [Declude.Virus] Outlook 'CR' Vulnerability

2002-11-12 Thread Michael Lauritzen 
I see them once or twice a day to the same two users on the same virtual
domain. The always contain adult material.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:Declude.Virus-owner@;declude.com]On Behalf Of John Tolmachoff
Sent: Tuesday, November 12, 2002 9:51 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] Outlook 'CR' Vulnerability


During the last 8 hours, Declude Virus has caught 4 messages with the
Outlook "CR" Vulnerability. While this in it self is a little different, as
usually I only see 4 in 7 days, what really makes these stand out is they
all have subject lines related to adult material.

Each one is addressed to a different user on a different virtual domain.
Each one comes from a different IP address range.

The only thing I can see they have in common is the Outlook "CR"
Vulnerability.

Has anyone else seen this pattern? Could this be some kind of new virus?

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com


---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.
---
[This E-mail is scanned for viruses by Ucopian Networks Inc]
[http://www.ucopiannetworks.com]


---
[This E-mail is scanned for viruses by Ucopian Networks Inc]
[http://www.ucopiannetworks.com]

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.

RE: [Declude.Virus] Outlook 'CR' Vulnerability

2002-06-10 Thread Craig Gittens 

Either you can stop scanning for virii from that customer if you have
Declude PRO or you can turn off the Outlook detection by adding:
BANCRVIRUSESOFF
to your virus.cfg file.

Craig.

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

Re: [Declude.Virus] Outlook 'CR' Vulnerability

2002-06-10 Thread R. Scott Perry 


>Can anyone tell me what the [Outlook 'CR' Vulnerability] is and where to
>fine information on it to give to the customer.   I am running f-prot 3.12
>as the scanner



The issue is that there is a header with an illegal character in it (a 
carriage return, rather than the carriage return + linefeed that indicates 
the end of a line). There is no valid reason to have such as character in 
the headers, and it violates RFC specs (and would be reason to fail the 
BADHEADERS test in Declude JunkMail, although that is not currently tested 
for). Having such a character in the headers causes a "fork" in processing 
the E-mail -- some programs (AV scanners or mail clients) will handle the 
headers correctly, others (Outlook) will not, and will process the E-mail 
very differently (with extra headers that don't really exist, without 
headers that do exist, and even creating non-existent attachments with very 
real viruses). As a result, having such a character bypasses security 
mechanisms.

http://www.openoffice.nl/special_interest/outlookbug.html has more 
information on this issue.
-Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

RE: [Declude.Virus] Outlook-CR vulnerability

2002-04-16 Thread Scott MacLean 

I will do - virtually *every* instance I've seen so far has
been legitimate email.
At 10:11 AM 4/16/2002, John Tolmachoff wrote:
>From what Scott Perry has said
before is that he has not seen any
legitimate e-mail with the CR vulnerability. If you do have evidence
of
legitimate e-mail that does have the CR vulnerability, you might want
to
forward those examples directly to him so he can review them.
John Tolmachoff 
IT Manager, Network Engineer
211 E. Imperial Hwy., Suite 106
Fullerton, CA  92835
714-578-7999, ext. 104
[EMAIL PROTECTED]
www.reliancesoft.com
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
On Behalf Of Scott MacLean
Sent: Tuesday, April 16, 2002 5:11 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] Outlook-CR vulnerability
Might I make this suggestion for detecting the Outlook-CR
vulnerability,
to 
try to attempt to reduce the false positives (which seem to be close to

100% at this point):
Whenever a CR without a LF is seen, check the message header to see if
a
"BEGIN ..." is actually enclosed within it, indicating that a
payload 
actually exists. If not, perhaps a different notification could be
made,
so 
we can determine whether to simply warn, or quarantine based on the 

analysis. Right now, I've had to turn off the Outlook-CR check
altogether, 
because of too many complaints from users who are getting virus
warnings
(as well as their senders) instead of their valid, non-infected, albeit

header-munged messages.
___
Scott MacLean
[EMAIL PROTECTED]
ICQ: 9184011
http://www.nerosoft.com
---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at
http://www.declude.com
.
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

___
Scott MacLean
[EMAIL PROTECTED]
ICQ: 9184011
http://www.nerosoft.com

RE: [Declude.Virus] Outlook-CR vulnerability

2002-04-16 Thread John Tolmachoff 

>From what Scott Perry has said before is that he has not seen any
legitimate e-mail with the CR vulnerability. If you do have evidence of
legitimate e-mail that does have the CR vulnerability, you might want to
forward those examples directly to him so he can review them.

John Tolmachoff 
IT Manager, Network Engineer
211 E. Imperial Hwy., Suite 106
Fullerton, CA  92835
714-578-7999, ext. 104
[EMAIL PROTECTED]
www.reliancesoft.com
 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Scott MacLean
Sent: Tuesday, April 16, 2002 5:11 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] Outlook-CR vulnerability

Might I make this suggestion for detecting the Outlook-CR vulnerability,
to 
try to attempt to reduce the false positives (which seem to be close to 
100% at this point):

Whenever a CR without a LF is seen, check the message header to see if a

"BEGIN ..." is actually enclosed within it, indicating that a payload 
actually exists. If not, perhaps a different notification could be made,
so 
we can determine whether to simply warn, or quarantine based on the 
analysis. Right now, I've had to turn off the Outlook-CR check
altogether, 
because of too many complaints from users who are getting virus warnings

(as well as their senders) instead of their valid, non-infected, albeit 
header-munged messages.

___
Scott MacLean
[EMAIL PROTECTED]
ICQ: 9184011
http://www.nerosoft.com

---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

Re: [Declude.Virus] Outlook 'CR' Vulnerability

2002-02-25 Thread John Shacklett 

I agree with Mike completely.

Somewhere way down near the bottom of the requested new features I'd like to
add: "ability to turn off some or all of the virus .eml notifications if the
Outlook 'CR' Vulnerability is the only test failed."

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Mike Nice
Sent: Saturday, February 23, 2002 8:55 PM
To: [EMAIL PROTECTED]
Subject: Re: MISSING_REVERSE_DNS:Re: [Declude.Virus] Outlook 'CR'
Vulnerability


I had a mini panic attack at all the spam it was catching as Outlook CR.   I
envisioned a bunch  of list servers also using this formatting.  However in
practice, it is only the cheapest spamware that does this, so I left the
option enabled.  It makes a great mini-spamcatcher as well as blocking a
potential virus problem.

   Thanks to Scott for giving us the tools to quickly address the
vulnerability.

   Mike Nice

- Original Message -
> I'm not surprised that there is some spam out there that has this flaw.  I
> haven't heard of a case yet where legitimate mail was sent that way (and
> even if it was, the sender would need to fix the problem on their end).


---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".  You can E-mail
[EMAIL PROTECTED] for assistance.  You can visit our web
site at http://www.declude.com .