Going back through her emails I see she is using Outlook Express 5.0and
not Outlook 5.0.
Jim Rooth
KLOTRON,INC.
Office: 817.654.3018.103
Home: 972.606.6341
Mobile: 214.244.0979
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
Tools -- Accounts -- account -- Properties -- Advanced -- clear the
break messages apart checkbox
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Jim Rooth
Sent: Tuesday, 26 November 2002 9:18 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] Partial
Jim,
Tools Accounts Mail Properties On the advanced tab, uncheck the
box break apart messages
Fritz
Frederick P. Squib, Jr.
Network Administrator
Citizens Internet Services
http://www.wpa.net
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
Same procedure.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Jim Rooth
Sent: Tuesday, 26 November 2002 9:26 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.Virus] Partial Vulnerability
Going back through her emails I see she is using Outlook Express
Let's see: a security company (which I categorize av vendors as) has there flagship
product depend on IE, a software product that has a less than admirable
vulnerability record. Can't Frisk build a separate http or ftp engine into F-Prot
like F-Secure does?
The updater seems to require IE 4.0
CI Travel
X-CYBERsitter-NoXMail: Passed - Adult: 0 (Req: 18) Spam: 0 (Req: 18) Tot: 0 (Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: Db570efe303768cf1.SMD
X-Note: This E-mail was scanned for viruses by Declude
I just had an f r i e n d - g r e a t i n g slip through. These
have been blocked in the past. What is the best point to start to
fine out how this one made it.
First question: Does the eicar.com file get caught?
Second question: What does the Declude Virus log file say about the
I just had an f r i e n d - g r e a t i n g slip through. These
have been blocked in the past. What is the best point to start to
fine out how this one made it.
Oops -- that looks like the greeting card scam thing, which most AV
companies aren't treating as a virus. In that case,
Did you see Tom's post within the last couple of days about different domain
names being used?
What are you filtering on?
John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
-Original Message-
From: [EMAIL PROTECTED]
CI Travel
X-CYBERsitter-NoXMail: Passed - Adult: 0 (Req: 18) Spam: 0 (Req: 18) Tot: 0 (Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: Dbdda852203a66978.SMD
X-Note: This E-mail was scanned for viruses by Declude
I do have citravel.com in the allow.txt could that be the problem since
it came from an inside user Should I not add my domain to the
allow.txt
Does not matter. What has happened if you read my first reply is they are
using different domain names, and since you are only filter for one
CI Travel
X-CYBERsitter-NoXMail: Passed - Adult: 0 (Req: 18) Spam: 5 (Req: 18) Tot: 5 (Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: Dc3476bc003729a9d.SMD
X-Note: This E-mail was scanned for viruses by Declude
CI Travel
X-CYBERsitter-NoXMail: FAILED - Score Adult: 0 (Req: 18) Spam: 23 (Req: 18) Tot: 23
(Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: Dc78d1d02039e4f27.SMD
X-Note: This E-mail was scanned for viruses by
CI Travel
X-CYBERsitter-NoXMail: FAILED - Score Adult: 0 (Req: 18) Spam: 23 (Req: 18) Tot: 23
(Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: Dca28400503d87a5a.SMD
X-Note: This E-mail was scanned for viruses by
John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of John Tolmachoff
Sent: Tuesday, November 26, 2002 11:49 AM
To: [EMAIL PROTECTED]
CI Travel
X-CYBERsitter-NoXMail: Passed - Adult: 0 (Req: 18) Spam: 8 (Req: 18) Tot: 8 (Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: Dd91876840160d2ac.SMD
X-Note: This E-mail was scanned for viruses by Declude
I have put all those domain in my fromfile with a weight of 44 for
the fromfile in Global.cfg and 50 is delete so I think it should work.
WHOA! What about all the legit e - c a r d s that people send to one
another?
Better to hold and review.
Hmmm is there away to test something like this.
CI Travel
X-CYBERsitter-NoXMail: Passed - Adult: 0 (Req: 18) Spam: 8 (Req: 18) Tot: 8 (Req: 20)
X-RBL-Warning: XBL: 163.41.34.208.xbl.selwerd.cx.
X-Declude-Sender: [EMAIL PROTECTED] [208.34.41.163]
X-Declude-Spoolname: De15a241f01601738.SMD
X-Note: This E-mail was scanned for viruses by Declude
Hopefully somebody can help me out here. I'm not sure if this is a problem with
Declude or a problem with the email client, but it appears that Declude is identifying
a .doc file as .exe because the file name wraps lines in the message's
Content-Disposition line.
Below ar ethe log file
Hopefully somebody can help me out here. I'm not sure if this is a
problem with Declude or a problem with the email client, but it appears
that Declude is identifying a .doc file as .exe because the file name
wraps lines in the message's Content-Disposition line.
The problem in this case
FWIW, IMHO, such long file names are trouble themselves.
57 characters will allow problems to occur, although perfectly allowed.
John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
-Original Message-
From: [EMAIL
21 matches
Mail list logo