Just to clarify one thing. While there are certainly issues with
tagging legitimate E-mail with the Outlook CR Vulnerability, it doesn't
have problems specifically with any popular E-mail clients
including Thunderbird.
The CR issues that were being tagged were likely the result of some
sort o
Instant recap:
Option 1) Let the virus scanner handle it, i.e.
BANCRVIRUSESOFF
Option 2) Upgrade to the current declude.exe and turn off the
vulnerabilities as you find that they cause false positives, i.e.
ALLOWVULNERABILITYOLBLANKFOLDING
I chose Option 1)
> -Original Message-
-- Original Message --
From: "Colbeck, Andrew" <[EMAIL PROTECTED]>
Reply-To: Declude.JunkMail@declude.com
Date: Wed, 17 Aug 2005 11:01:48 -0700
>A similar Outlook CR vulnerability was just discussed; check the
>archives at:
>
>http://www.mail-archive.com/de
Just wondering...if the Declude people are close to having this working yet?
I'm being forced to jump up to at least 8.1 because IPswitch hasn't patched
the IMAP vulnerability in the 8.05 that I am running. As long as I have to
renew the SA I wouldn't mind running their most up to date software 8
A similar Outlook CR vulnerability was just discussed; check the
archives at:
http://www.mail-archive.com/declude.virus%40declude.com/msg12356.html
The same things would apply. The manual does list the gory details of
what each vulnerability looks for, if you're interested.
Andrew 8)
P.s. Hell
What Matt said...
Plus, a customer viewing a hostile message will not infect your server;
the hypothetical infected .jpg file would simply be served up as a file
and would not be "executed" on the server, just on the client that views
the image.
On the other hand, one of your own technicians coul
We have had a user get a plain-text message he sent out using Thunderbird
1.0.2 that got caught by this check in Declude Junkmail. Just wondering
what precisely the error is and why Thunderbird-generated messages would be
getting nailed with it.
--
A. Clausen
---
This E-mail came from the Declu
Kim,
This most likely wasn't from an infected JPG. This vulnerability is
attacked through TCP ports:
Microsoft Security Bulletin MS05-039
Vulnerability in Plug and Play Could Allow Remote Code Execution and
Elevation of Privilege (899588)
http://www.microsoft.com/technet/security/Bulletin/MS0
To all...
I posted this warning to the IMail list as well as the Declude list, and
someone responded with the following link on August 16th:
http://securityresponse.symantec.com/avcenter/venc/data/w32.esbot.a.html
Symantec has more precise information regarding the worm than I can offer (
> Before rebooting my server I allways RENAME a dangerous file...
..maybe this will not work as long as the processes run and can't be stopped
in the task manager. But if possible I too rename the original malware file
and create a new one. (new empty textfile renamed to the previous filename)
10 matches
Mail list logo
