Thomas Horsten disse:
On Mon, 22 Sep 2003, Ted Roby wrote:
My secalert account for these lists is being drenched with 40 to 70 of
these fake Microsoft Update emails per day.
Mine too, i needed to move all my e-mails to a new account (this)
'cause i couldn't hand the flood }:-O
And as i use
Thomas Horsten disse:
On Mon, 22 Sep 2003, Ted Roby wrote:
My secalert account for these lists is being drenched with 40 to 70 of
these fake Microsoft Update emails per day.
Mine too, i needed to move all my e-mails to a new account (this)
'cause i couldn't hand the flood }:-O
And as i use web
Am Mittwoch, 24. September 2003 02:14 schrieb Bernd Eckenfels:
> In article <[EMAIL PROTECTED]> you wrote:
> > And... a mail with a positive virus recognition can be deleted without
> > having to fear it's a false positive,
> umm... what makes you think so?
Okay, it's not absolutely safe, but for
Am Mittwoch, 24. September 2003 02:14 schrieb Bernd Eckenfels:
> In article <[EMAIL PROTECTED]> you wrote:
> > And... a mail with a positive virus recognition can be deleted without
> > having to fear it's a false positive,
> umm... what makes you think so?
Okay, it's not absolutely safe, but for
Don't underestimate clamav. Sure it does not have 75,000 virii in it's
database, but it catches well over 98% of the viruses that cross my little
ISP. (I run both NOD32 and ClamAV with MailScanner so I see all the ones
that NOD gets and ClamAV does not, which is _very_ few). Plus the ClamAV
commu
Don't underestimate clamav. Sure it does not have 75,000 virii in it's
database, but it catches well over 98% of the viruses that cross my little
ISP. (I run both NOD32 and ClamAV with MailScanner so I see all the ones
that NOD gets and ClamAV does not, which is _very_ few). Plus the ClamAV
commu
On Wed, 24 Sep 2003 at 1:54:42 +0200, Thomas Ritter wrote:
>
> Just a note: Open Antivirus programs like clamav are not perfect, because the
> open virus database [1] is still too small... but for _sorting_ mail, clamav
> (it's in sid) is really good. It gives you
[...]
> [1] http://www.openant
In article <[EMAIL PROTECTED]> you wrote:
> And... a mail with a positive virus recognition can be deleted without having
> to fear it's a false positive,
umm... what makes you think so?
Besides the typical case, that one wants to send a virus file (there are
researches out there, you know) the
On Wed, 24 Sep 2003 at 1:54:42 +0200, Thomas Ritter wrote:
>
> Just a note: Open Antivirus programs like clamav are not perfect, because the
> open virus database [1] is still too small... but for _sorting_ mail, clamav
> (it's in sid) is really good. It gives you
[...]
> [1] http://www.openant
In article <[EMAIL PROTECTED]> you wrote:
> And... a mail with a positive virus recognition can be deleted without having
> to fear it's a false positive,
umm... what makes you think so?
Besides the typical case, that one wants to send a virus file (there are
researches out there, you know) the
On Thu, 25 Sep 2003 at 08:43:46 +0200, Dariush Pietrzak wrote:
> > ClamAV is supported in Debian and it's very well integrated with
> > amavisd-new (which, in turn, can be used also with spamassassin).
> Yes, but where can I find clamav for woody?
> Sid's package depends on whole lot of sid stuff,
On Thu, 25 Sep 2003 at 08:43:46 +0200, Dariush Pietrzak wrote:
> > ClamAV is supported in Debian and it's very well integrated with
> > amavisd-new (which, in turn, can be used also with spamassassin).
> Yes, but where can I find clamav for woody?
> Sid's package depends on whole lot of sid stuff,
> ClamAV is supported in Debian and it's very well integrated with
> amavisd-new (which, in turn, can be used also with spamassassin).
Yes, but where can I find clamav for woody?
Sid's package depends on whole lot of sid stuff, so recompiling it on woody
requires significant effort. Data from apt-
> ClamAV is supported in Debian and it's very well integrated with
> amavisd-new (which, in turn, can be used also with spamassassin).
Yes, but where can I find clamav for woody?
Sid's package depends on whole lot of sid stuff, so recompiling it on woody
requires significant effort. Data from apt-
In article <[EMAIL PROTECTED]> you wrote:
> I am looking for a same solution. However, I am getting 40 to 70 of such
> mails within 2 hours. There should be a possibility with > exim-4.1, but
> nothing for exim-3.X
i am using clamscan with exiscan on exim-3 and it works well, beside the
fact that
On Mon, Sep 22, 2003 at 10:14:43PM +0100, Thomas Horsten wrote:
guess they are out there. Anyway, if you are truly security conscious you
should consider switching to qmail in any case.
Not. Postfix is just as good, but without an obnoxious license.
Mike Stone
On Mon, 22 Sep 2003, Ted Roby wrote:
> My secalert account for these lists is being drenched with 40 to 70 of
> these fake Microsoft Update emails per day.
> My filters on my client dump them to a Junk folder, but I would prefer
> it if my Exim filter would do the job at the server level instead.
In article <[EMAIL PROTECTED]> you wrote:
> I am looking for a same solution. However, I am getting 40 to 70 of such
> mails within 2 hours. There should be a possibility with > exim-4.1, but
> nothing for exim-3.X
i am using clamscan with exiscan on exim-3 and it works well, beside the
fact that
On Mon, Sep 22, 2003 at 10:14:43PM +0100, Thomas Horsten wrote:
guess they are out there. Anyway, if you are truly security conscious you
should consider switching to qmail in any case.
Not. Postfix is just as good, but without an obnoxious license.
Mike Stone
--
To UNSUBSCRIBE, email to [EMAIL P
On Mon, 22 Sep 2003, Ted Roby wrote:
> My secalert account for these lists is being drenched with 40 to 70 of
> these fake Microsoft Update emails per day.
> My filters on my client dump them to a Junk folder, but I would prefer
> it if my Exim filter would do the job at the server level instead.
[ I'm resending it because yesterday try didn't appear on the list.
Thomas Ritter has already answered to the copy which I sent directly to
him. ]
On Wed, 24 Sep 2003 at 1:54:42 +0200, Thomas Ritter wrote:
>
> Just a note: Open Antivirus programs like clamav are not perfect, because the
> open
[ I'm resending it because yesterday try didn't appear on the list.
Thomas Ritter has already answered to the copy which I sent directly to
him. ]
On Wed, 24 Sep 2003 at 1:54:42 +0200, Thomas Ritter wrote:
>
> Just a note: Open Antivirus programs like clamav are not perfect, because the
> open
On Wed, Sep 24, 2003 at 01:54:42AM +0200, Thomas Ritter wrote:
> And... a mail with a positive virus recognition can be deleted without having
> to fear it's a false positive, against which a mail found to be Spam by
> Spamassassin may be a real mail.
This is not true.
There's always the possi
On Wed, Sep 24, 2003 at 03:23:35PM +0200, Thomas Ritter wrote:
> Yes, I don't know the name, but there's a reference standard virus list.
I think you're talking about the Wildlist (www.wildlist.org). That's
not a reference list, but simply a list of viruses reported as
"currently active" by at le
Am Mittwoch, 24. September 2003 02:34 schrieb Tomasz Papszun:
> Sorry but I must say that this is an incorrect claim.
okay, not exclusively
> Currently ClamAV's own database is quite big and is updated even a
> couple of times a day if needed. It's quite good at new viruses caught
> "in the wild"
On Wed, Sep 24, 2003 at 01:54:42AM +0200, Thomas Ritter wrote:
> And... a mail with a positive virus recognition can be deleted without having
> to fear it's a false positive, against which a mail found to be Spam by
> Spamassassin may be a real mail.
This is not true.
There's always the possi
On Wed, Sep 24, 2003 at 03:23:35PM +0200, Thomas Ritter wrote:
> Yes, I don't know the name, but there's a reference standard virus list.
I think you're talking about the Wildlist (www.wildlist.org). That's
not a reference list, but simply a list of viruses reported as
"currently active" by at le
Am Mittwoch, 24. September 2003 02:34 schrieb Tomasz Papszun:
> Sorry but I must say that this is an incorrect claim.
okay, not exclusively
> Currently ClamAV's own database is quite big and is updated even a
> couple of times a day if needed. It's quite good at new viruses caught
> "in the wild"
Am Dienstag, 23. September 2003 23:48 schrieb Joel HATSCH:
> > > of these fake Microsoft Update emails per day.
> > > The single part MIME filter doesn't seem to catch it though. What
Just a note: Open Antivirus programs like clamav are not perfect, because the
open virus database [1] is still to
> > My secalert account for these lists is being drenched with 40 to 70
> > of these fake Microsoft Update emails per day.
> > My filters on my client dump them to a Junk folder, but I would
> > prefer it if my Exim filter would do the job at the server level
> > instead. I am running Nigel Metheri
Am Dienstag, 23. September 2003 23:48 schrieb Joel HATSCH:
> > > of these fake Microsoft Update emails per day.
> > > The single part MIME filter doesn't seem to catch it though. What
Just a note: Open Antivirus programs like clamav are not perfect, because the
open virus database [1] is still to
> > My secalert account for these lists is being drenched with 40 to 70
> > of these fake Microsoft Update emails per day.
> > My filters on my client dump them to a Junk folder, but I would
> > prefer it if my Exim filter would do the job at the server level
> > instead. I am running Nigel Metheri
On Monday, Sep 22, 2003, at 16:22 US/Pacific, Josh Carroll wrote:
One solution is to use spamassassin, and in your
~/.spamassassin/user_prefs, do the following:
Actually, I wish to stop the entire procedure at the SMTP level.
However, I have found my answer. I had to increase
message_body_v
On Monday, Sep 22, 2003, at 16:22 US/Pacific, Josh Carroll wrote:
One solution is to use spamassassin, and in your
~/.spamassassin/user_prefs, do the following:
Actually, I wish to stop the entire procedure at the SMTP level.
However, I have found my answer. I had to increase
message_body_visible
One solution is to use spamassassin, and in your
~/.spamassassin/user_prefs, do the following:
score MICROSOFT_EXECUTABLE 6
Or whatever number you need to get over the default threshold.
Effectively any mail with an identified .exe attachment would gain a
bonus of +6 in spamassasin (in my case I
One solution is to use spamassassin, and in your
~/.spamassassin/user_prefs, do the following:
score MICROSOFT_EXECUTABLE 6
Or whatever number you need to get over the default threshold.
Effectively any mail with an identified .exe attachment would gain a
bonus of +6 in spamassasin (in my case I
* Ted Roby <[EMAIL PROTECTED]> [22 09 03 20:56]:
>My secalert account for these lists is being drenched with 40 to 70 of
>these fake Microsoft Update emails per day.
>My filters on my client dump them to a Junk folder, but I would prefer
>it if my Exim filter would do the job at the server level
Am Mon, 2003-09-22 um 20.56 schrieb Ted Roby:
Hi Ted,
> My secalert account for these lists is being drenched with 40 to 70 of
> these fake Microsoft Update emails per day.
> My filters on my client dump them to a Junk folder, but I would prefer
> it if my Exim filter would do the job at the ser
On Mon, Sep 22, 2003 at 11:56:04AM -0700, Ted Roby wrote:
> The single part MIME filter doesn't seem to catch it though. What are
> others on this list using or doing to blatently block this stuff? There
> is no valid .exe I could receive, ever.
I use postfix and this in my body_checks map (rea
Ted Roby wrote:
My secalert account for these lists is being drenched with 40 to 70 of
these fake Microsoft Update emails per day.
My filters on my client dump them to a Junk folder, but I would prefer
it if my Exim filter would do the job at the server level instead. I am
running Nigel Meth
* Ted Roby <[EMAIL PROTECTED]> [22 09 03 20:56]:
>My secalert account for these lists is being drenched with 40 to 70 of
>these fake Microsoft Update emails per day.
>My filters on my client dump them to a Junk folder, but I would prefer
>it if my Exim filter would do the job at the server level
Am Mon, 2003-09-22 um 20.56 schrieb Ted Roby:
Hi Ted,
> My secalert account for these lists is being drenched with 40 to 70 of
> these fake Microsoft Update emails per day.
> My filters on my client dump them to a Junk folder, but I would prefer
> it if my Exim filter would do the job at the ser
My secalert account for these lists is being drenched with 40 to 70 of
these fake Microsoft Update emails per day.
My filters on my client dump them to a Junk folder, but I would prefer
it if my Exim filter would do the job at the server level instead. I am
running Nigel Metheringham's system_fi
On Mon, Sep 22, 2003 at 11:56:04AM -0700, Ted Roby wrote:
> The single part MIME filter doesn't seem to catch it though. What are
> others on this list using or doing to blatently block this stuff? There
> is no valid .exe I could receive, ever.
I use postfix and this in my body_checks map (rea
Ted Roby wrote:
My secalert account for these lists is being drenched with 40 to 70 of
these fake Microsoft Update emails per day.
My filters on my client dump them to a Junk folder, but I would prefer
it if my Exim filter would do the job at the server level instead. I am
running Nigel Methe
My secalert account for these lists is being drenched with 40 to 70 of
these fake Microsoft Update emails per day.
My filters on my client dump them to a Junk folder, but I would prefer
it if my Exim filter would do the job at the server level instead. I am
running Nigel Metheringham's system_fi
46 matches
Mail list logo
