http://securityresponse.symantec.com/avcenter/venc/data/[EMAIL PROTECTED]
Sheesh! That's nice.
What really gets me on these bugs, is that you're supposed to disable System
Restore in ME/XP You would think that compressed backup data would be
immune to this sort of thing. What's the point of h
If I where you and the infected machine connected directly to your
mailserver I would create a BAN in Imail for this ip to prevent it to
even connect and send anything to your server.
/ Eje
Monday, September 8, 2003, 5:28:14 AM, you wrote:
JP> I have sort of resigned myself to just continue dele
I'm tired of doing that
- Original Message -
From: "Eje Gustafsson" <[EMAIL PROTECTED]>
To: "Jeff Pereira" <[EMAIL PROTECTED]>
Sent: Monday, September 08, 2003 10:42 AM
Subject: Re[2]: [Declude.Virus] SoBig more prolific now?
> If I where you and the infected machine connected direc
Curious is there any way to disable/prevent double extensions as
attachments ?
With one of the last new viruses this weekend one virus managed to
slip through between my automated updates to at least myself.
And this was a double extension .JPG.exe there are no reasons what
soever in my opinion th
I have been doing that, but I have heard that IMAIL's CAL can only
handle 100 IPS and I am running at about 90 now. Most of the offenders
are from Optimum online, I could block their whole IP range, but then I
think my home Optimum users trying to POP or SMTP (maybe even
Webmail)won't be able to c
Thanks Scott.
Sorry for the first direct mail. Was supposed to been to the mailing list.
Would it be possible to spec what double extensions you wouldn't
allow?
Say
BANEXT TXT.EXE
BANEXT JPG.EXE
BANEXT GIF.EXE
Where you assume there always is a . infront of the first
"extension" ?
That would
We have blocked .exe since the day we could block it.
If anyone wants to send a .exe he/she is intelligent enough to be able to
zip it. Accepting .exe is asking for trouble.
Outlook Express by default will block .exe .. I am not sure about Outlook
but I don't think it does.
We have an autoreply
> >>Maybe a shared file would be in order.
>
> Well, this would have to be approched with LOTS of caution. i.e. I
> blocked a class A from China, this may not be what you would want to do,
as
> you may have users that need those particular China IPs.
I am not talking about an outright block.
a.. Microsoft Outlook 2002 does block most file extensions by default, here
is a list of what it blocks and info on how to change its default behavior
http://support.microsoft.com/default.aspx?scid=kb;en-us;290497
Sincerely,
William J. Baumbach II [EMAIL PROTECTED]
9975 Pennsylvania Ave. Manas
Thanks Kami.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:Declude.Virus-
> [EMAIL PROTECTED] On Behalf Of Kami Razvan
> Sent: Saturday, September 06, 2003 1:12 PM
> To: [EMAIL PROTECTED]
> S
> What really gets me on these bugs, is that you're supposed to disable
System
> Restore in ME/XP You would think that compressed backup data would be
> immune to this sort of thing. What's the point of having sys restore if
> everytime you MAY have a virus you need to wipe ALL the restore data
Would it be possible to spec what double extensions you wouldn't
allow?
Say
BANEXT TXT.EXE
BANEXT JPG.EXE
BANEXT GIF.EXE
Where you assume there always is a . infront of the first
"extension" ?
That's something that we can probably add.
-Scott
>>Not MS problem. Think about it. You make any kind of backup or archive of
an
>>infected file, the archive or backup contains that infected file. If you
>>should restore that backup, you have restored the infected file.
Right, I got that, but if you have 3 months of CLEAN restore points, you
only
Hi all,
hopefully someone can give us some insight to a problem related to BSOD we
have been encountering on our Imail server
Server is running Imail 8.02 with Declude Virus with scanners below and
Declude Junkmail. Nothing else is running on the server. Declude Virus
Config appears at end of thi
hopefully someone can give us some insight to a problem related to BSOD we
have been encountering on our Imail server
I'm guessing that it is one of the 3 virus scanners. AV programs often
access memory and hard drives at a low level, and are a bit more prone to
issues like this than most appli
I hate to hijack the thread but...
Why run so many scanners? We only run one scanner and have never had a
problem... Are we missing something by not running more than one?
Greg
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Monday, Sep
Thanks Scott,
I have a feeling it is F-Prot because when this first started happening, we
did not have Netshield or AVG on the server.
So we've disabled both F-prot and AVG for now and let's see what happens.
If anyone else has seen similar issues please reply!
Peter
- Original Message ---
Well, yes. We only used Fprot till Mimail came out. At that time it took
Fprot 4 days to update their definitions. So many customers started getting
Mimail and complaining. To avoid the problem we decided to use multiple
scanners to lower possibility of a virus slipping thru.
However I don't think
If it's worth $245 to you, I have had some success with Microsoft support
being able to pinpoint the culprit using the memory dumps.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mailing Lists
Sent: Monday, September 08, 2003 1:08 PM
To: [EMAIL PROTECTED
> Right, I got that, but if you have 3 months of CLEAN restore points, you
> only just got infected today, for example, you shouldn't have to trash
every
> restore point, only today's, or even yesterday's, or even a month back.
for
> that matter.. If that's the only way, why have restore points at
Are you using the DOS version or Windows version of F-Prot?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:Declude.Virus-
> [EMAIL PROTECTED] On Behalf Of Mailing Lists
> Sent: Monday, Septemb
Windows version,
Peter
- Original Message -
From: "John Tolmachoff (Lists)" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 08, 2003 3:26 PM
Subject: RE: [Declude.Virus] Blue Screen on Imail with Declude Virus and
Declude Junkmail and Declude Junkmail
Are you using
So right now, you only have Gristoft running, correct?
Exactly when did this start?
Have you run any performance monitors to see what is happening just before
the BSOD?
Any other AV software installed?
What AV is protecting the server itself?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServ
John,
right now only Netshield 2000 SP1 is running, hasn't crashed yet but too
early to tell.
No, we haven't run any performance monitors yet - but the common thing in
the BSOD is 100+ emails being processed by Imail/Declude. This will
generally happen during peak hrs, we can actually duplicate i
Sorry if this is real obvious but I haven't upgrade my declude in a long
time and I can't remember where to get the latest version.
Can someone point me in the right direction?
Thanks
Timothy C. Bohen
CMSInter.Net LLC / Crystal MicroSystems LLC
===
web
Sorry if this is real obvious but I haven't upgrade my declude in a long
time and I can't remember where to get the latest version.
Can someone point me in the right direction?
If it has been over a year, the first step is to order a Service Agreement
at http://www.declude.com/order.htm .
Otherw
Uhh sorry another dumb question, but other than digging through old files
can I find out if mine is expired??
Timothy C. Bohen
CMSInter.Net LLC / Crystal MicroSystems LLC
===
web : www.cmsinter.net
email: [EMAIL PROTECTED]
phone: 989.235.5100 x222
fax :
Uhh sorry another dumb question, but other than digging through old files
can I find out if mine is expired??
Unfortunately, that's the only way, aside from contacting us.
I'll check our records and let you know off-list.
-Scott
---
Declude Junk
28 matches
Mail list logo