One side note - if this feature is added please make sure this feature
is "configurable" so we can disable it if we choose (which I would). I
have customers who "hold" all spam for a certain period of time and than
we delete. If anything needs to be returned to the queue it is scanned
manuall
I just did an upgrade for a client to the latest version of clamd
(clamav-0.92.1-2a) from http://www.sosdg.org/clamav-win32. They are
using the clamd wrapper. After the install I went to start the service
and received the following error.
04-04-2008 10:32:56 SERVICE_START_PENDING
04-04-2008
Bonno,
This should do the trick.
http://www.fourmilab.ch/webtools/base64/
Darrell
--
Check out http://www.invariantsystems.com for utilities for Declude,
Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring,
SURBL/URI integration, MRTG Integration,
Bonno,
After Declude finishes scanning the message it passes it off to
smtp32.exe for delivery. I can't think of any instance where declude
will use the imail.exe utility.
Darrell
--
Check out http://www.invariantsystems.com for utilities for Declude,
Imail,
Bonno,
After Declude finishes scanning the message it passes it off to
smtp32.exe for delivery. I can't think of any instance where declude
will use the imail.exe utility.
Darrell
--
Check out http://www.invariantsystems.com for utilities for Declude,
Imail,
Are you sure CLAMAV is hitting on this or is this a hit from the SANE phish
database being used with CLAM?
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And Imail.
IMail/Declude Overflow Queue
Gary,
In order to scan the file I am sure Declude has to append the path to the
files to scan otherwise how would the virus scanner know what to scan? It
needs some type of path. Unless possibly it sets a working directory and
expects the scanner to scan all the files in the working directory
Honestly, I am not sure what all the individual files are, but here are my dates
incavi.avm - 4/15/2007
microavi.avg - 4/5/2007
miniavg.avg - 2/16/2007
avi7.avg - 2/21/2007
Howard - you can try this post from David from the Archive-
http://www.mail-archive.com/declude.virus@declude.com/msg13473.h
All and all it has been way down for me as well. In mid 2005 I was averging
around 100K-200K viruses a month (with AVAFTERJM). That has been dropping and
dropping. In 2006 the highest for any give month I had was 22K. This year I
have had nothing over 2,500. With running AVAFTERJM a lot of
I put it in both declude.cfg files. I now have two. One in the
IMail\Decude Folder, and one in the Program Files\Declude Folder. I'm not
sure which one is working right now.
Bill Green
dfn Systems
- Original Message -----
From: "Darrell ([EMAIL PROTECTED])" <[EMAIL PROTECTED]>
Bill,
Do you have a declude.exe and a decludeproc in your imail folder? Do you
have the decludeproc service in services? Do you also have a "proc" folder
off of imail\spool (i.e. imail\spool\proc). Are files starting to be
deposited into the proc folder?
Darrell
Bill,
It's
CODE [PLACE YOUR DECLUDE CODE HERE]
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG
Integration, a
DLAnalyzer 5.2.0 has been released.
DLAnalyzer is a comprehensive reporting tool that integrates both Junkmail
and Virus statistics into one report. Some of the features require the
Enterprise or Standard version, but we also have a FREE LITE version
available.
Report Samples: http://www.invarian
DLAnalyzer 5.2.0 has been released.
DLAnalyzer is a comprehensive reporting tool that integrates both Junkmail
and Virus statistics into one report. Some of the features require the
Enterprise or Standard version, but we also have a FREE LITE version
available.
Report Samples: http://www.invarian
Wolf,
I use McAfee, CLAM, Internal AVG, and at one time (before licensing changes)
F-Prot all at the same time. If you have extra CPU there is no reason not to
use multiple scanners. One thing though when I switched to processing AV last
I seen a dramatic drop in viruses due to them being cau
for some reason they still don't get deleted (but it's possible to do it
manually.)
-Original Message-
From: "Darrell ([EMAIL PROTECTED])" <[EMAIL PROTECTED]>
Sent 2/27/2007 10:17:46 AM
To: declude.virus@declude.com
Subject: Re: [Declude.Virus] Current
which fixed a similar error that stopped the
clamav service from starting.) But I haven't been able to fix this one. Anyone
know how to fix this error?
Thanks.
-Original Message-
From: "Darrell ([EMAIL PROTECTED])" <[EMAIL PROTECTED]>
Sent 2/26/2007 1:30:43
Gary,
I upgraded on Friday and have not ran into any issues.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG
Int
Matt,
But think of it on the brightside. At least we know where Rick is if we need
to get in touch with him.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And Imail.
IMail/Declude Overflow Q
Joe,
Just add the IP or CIDR block into the SMTP access control in Imail.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integratio
FYI - List of AV Vulns that were listed in the SANS Vulnerability Alert that
affect most of us one way or another.
Also, there was a McAfee vulnerability but it was for thier linux based version.
06.50.31 CVE: CVE-2006-5874
Platform: Cross Platform
Title: Clam Anti-Virus MIME Attachments Denia
DLAnalyzer 5.2.0 has been released.
DLAnalyzer is a comprehensive reporting tool that integrates both Junkmail
and Virus statistics into one report. Some of the features require the
Enterprise or Standard version, but we also have a FREE LITE version
available.
New:
* Compatible with the log
DLAnalyzer 5.2.0 has been released.
DLAnalyzer is a comprehensive reporting tool that integrates both Junkmail
and Virus statistics into one report. Some of the features require the
Enterprise or Standard version, but we also have a FREE LITE version
available.
New:
* Compatible with the log
Eddie,
You do not need to run clamav twice to detect both phish and viruses. If
you put the phish.ndb into the same directory as the clam db it will also
use that.
Also, for me to get the virus name I had to use the wrapper.
This snippett below is from Scott Fisher who helped me get mine goin
Matt,
I agree with everyone of your points - My intent
was to bring it up that I had reported this issue up a long time ago as I also
thought that what was happening was undesirable. However, at the time
Scott did not feel this was a bug. However, times change and back scatter
is a huge
I brought this up to Scott several years ago - and
he said this is not a bug but a by design issue. He explained a scenario
why this was important and I understood based on the explantion but for the life
of me I can't remember the scenario.
Darrell
-
Pretty nice peice of social engineering below - how
many of your users will click on this tomorrow :) Who can resist the
temptation of a "secret" greeting card.
The link actually takes you to
http://www.lkkm.cz/help/postcard.gif.exe
Darrell
---
I noticed a new build from the SOSDG group has been released (88.3-1).
http://www.sosdg.org/clamav-win32/index.php
Anyone running it yet?
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail
What version are you running Matt in version
3.0.5.20 they fixed a ms-tnef issue with winmail.dat.
This might be the issue you are
seeing.
Darrell
Check
out http://www.invariantsystems.com for
utilities for Declude And
canned: CONTAINS A VIRUS
[Prescan OK][MIME: 2 108872]
Darrell
Darrell ([EMAIL PROTECTED]) writes:
Andy,
Besides AVG I have 3 scanners: listed in order (F-Prot, Clam AV, McAfee).
I do think its an AVG issue like you suggested. I am trying to find a way
to disable the built in AVG virus s
PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Wednesday, July 12, 2006 05:46 PM
To: declude.virus@declude.com
Cc: [EMAIL PROTECTED]
Subject: [Declude.Virus] 4.2.20 Error in Log
Since upgrading to 4.2.20 I started seeing the following error:
07/12/2006 00
Since upgrading to 4.2.20 I started seeing the following error:
07/12/2006 00:34:41.812 q7bca020f6715.smd 1 [1 of 2 not deleted] files
were deleted. You should not use an on-access virus scanner that scans the
\IMail directory or sub-directories.07/12/2006 00:34:41.328
This only happens
John,
What problems are you having with scan.exe? A lot of us use McAfee and have
no issues.
Darrell
---
Check out http://www.invariantsystems.com for utilities for Declude, Imail,
mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI
John,
CLAMAV is catching it on my systems.
Darrell
---
fpReview - Review held mail easily and quickly.
http://www.invariantsystems.com
John T (Lists) writes:
Back to the matter indicated in the subject line, how are others dealing
with this?
Is
Actually, it is CLAMAV catching it. Not sure about McAfee as I stop on
first virus. F-Prot is def. not catching it though.
Darrell
Darrell ([EMAIL PROTECTED]) writes:
Mcafee is catching these Trojan.Myno on my systems.
Darrell
---
Check out http
Mcafee is catching these Trojan.Myno on my systems.
Darrell
---
Check out http://www.invariantsystems.com for utilities for Declude, Imail,
mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI
integration, MRTG Integration, and Log Parse
fpReview is a utility that allows you to easily review held mail on your
Imail or SmarterMail system. With fpReview you can review messages and
return them back to the queue for delivery or rescanning by Declude. Besides
being able to return the message to the queue for delivery many other
opti
With older versions of Declude and Smartermail you used to have to do the
"X" rename to skip Declude processing. If you left the "X" off it would be
rescanned by Declude.
However, now that Declude is intergrated into Smartermail v3 what is the
correct requeing process?
Darrell
-
change?
Thanks
Eric
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Darrell ([EMAIL PROTECTED])Sent: 08 May 2006 13:34To: Declude.Virus@declude.comSubject: Re: [Declude.Virus]
(re)Installing Declude v1.65 on Imail 8.22?
Eric
Eric,
Are you only using Declude Virus? If not are
there other Declude headers in the message?
In the Virus logs does this message exist? Is
there virus logs (virMMdd.log).
Did you uninstall Declude because of this issue or
is this a new server? If this is a new server did you double c
DLAnalyzer 5.0 has been released. DLAnalyzer is a comprehensive reporting
tool that integrates both Junkmail and Virus statistics into one report.
Some of the features require the Enterprise or Standard version, but we also
have a FREE LITE version available.
With version 5.0 we have added ma
Michael,
Can you post some log snippet's from your junkmail logs showing this going
through junkmail and the corresponding AV log entries. I run this exact
same configuration and do not have this issue.
Darrell
Check o
If you don't want to bother learning or using perl
I suggest you look at DLAnalyzer. It can do Junkmail reporting and Virus
reporting for Declude integrated into one Windows based application. There
is a functional free version (lite).
Darrell
-
HOLD, DELETE, ETC - Does not get virus scanned with AVAFTERJM
ROUTETO, SUBJECT, Etc - Does get virus scanned.
Think of it this way anything that ends up being delivered somewhere (i.e.
mailbox etc) gets scanned.
Darrell
Matt writes:
This is the crux of the issue that I would like to fig
scanner (which makes sense to me). If that is so, then how does it
cut down on machine resources?
Friday, January 27, 2006, 9:43:19 AM, Darrell ([EMAIL PROTECTED]) <[EMAIL
PROTECTED]> wrote:
Dsic> Keith,
Dsic> It still gets virus scanned. I have tons of viruses in my virus
anner still scans it, won't it still use
the same CPU cycles?
Keith
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Friday, January 27, 2006 10:43 AM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] Featu
:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Friday, January 27, 2006 10:02 AM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] Feature request: DELETEVIRUSNAME
How does AVAFTERJM cut down on work? I thought it only affected the
order in which JM and AV ran, and
How does AVAFTERJM cut down on work? I thought it only affected the
order in which JM and AV ran, and that AV ran each time, regardless of
this setting.
The main benefit is that it cuts down on the amount of messages virus
scanned thus saving resources. It has been a MAJOR help for me.
Dar
FYI - For the other affected by this I put 3.0.5.22
back on and everything is flying along with no issues. Processing messages
as fast as could be.
FWIW - My issues started on December 24th at
approximatly - 2:10pm EST.
I will follow-up with Declude tomorrow to determine
why my version
Filenames?
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG
Integration, and Log Parsers.
Goran Jovanovic wri
http://www.pcworld.com/news/article/0,aid,123876,00.asp
Key paragraph -
//begin
Security firm iDefense said it broke the encrypted code in a Sober variant
discovered in November and found that it is designed to download the unknown
code from various Web addresses on January 5, 2006. Millions o
Knowing that there are issues with 1.x and 2.x with Imail 8.2x and 2006
extends from 8.2x I would suspect that you may have issues.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. I
I understand what everyone is saying, beleive me I do. What I can tell you
is that 3.x is much better than 2.x. Especially, since it fixes the issues
I had where 100's of declude processes would unexpectantly launch and would
hose the server. I have found the later versions to be very stable
I run 3.0.5.20 DFx - I think 1 or 2. It has a few extra fixes for me the
dnsbl issue is the ket one. I run it on two servers (imail) volume on
server 1 - 150K and volume on server 2 - 100K.
External tests: invURIBL & Sniffer
Darrell
---
Mark,
In general for these types of viruses yes you are ok as long as the
extensions in the zips are ones that you are blocking.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IM
http://www.invariantsystems.com for utilities for Declude And
Imail. IMail Queue Monitoring, Declude Overflow Queue Monitoring, SURBL/URI
integration, MRTG Integration, and Log Parsers.
- Original Message -
From: "David Dodell" <[EMAIL PROTECTED]>
To: "Darr
Dodell" <[EMAIL PROTECTED]>
To: "Darrell ([EMAIL PROTECTED])"
Sent: Saturday, November 05, 2005 3:57 PM
Subject: Re[2]: [Declude.Virus] Help! Upgraded from 1.82 to 3. today
Saturday, November 5, 2005, 1:42:02 PM, Darrell
([EMAIL PROTECTED]) wrote:
Also, in the Command AVAFT
David,
When you say messages are getting stuck in the spool do you mean after they
are processed by Declude? When you upgraded to Declude 3.x did you replace
the declude.exe file?
Darrell
---
Check out http://www.invariantsystems.com for utilities for
Also, in the Command AVAFTERJM OFF
I assume this means it SCANS viruses first, then the junkmail?
No it actually scans for viruses after junkmail.
Darrell
---
invURIBL - Intelligent URI Filtering. Stops SPAM by focusing on the
I use Mcafee and it has been great they tend to be amoung the top for
getting updates out quick. However, it is very resource intensive.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Ima
David,
Can you eloborate on "connectivity issues" I am trying to grasp what is
meant by connectivity issues (i.e. rbl's not returning data, etc?).
Darrell
Check out http://www.invariantsystems.com for utilities for Declu
message to sender
=
Bill
- Original Message ----- From: "Darrell
([EMAIL PROTECTED])" <[EMAIL PROTECTED]>
To:
Sent: Friday, October 28, 2005 9:37 AM
Subject: [Declude.Virus] Virus name reported as different than what
scanner detected.
Anyone seen this before? The
qaf506d06099e03ac.smd Scanner 1: Virus=
W32/[EMAIL PROTECTED] Attachment=email-password.zip [11] O
10/28/2005 00:56:05.015 qaf506d06099e03ac.smd File(s) are INFECTED [
W32/[EMAIL PROTECTED]: 3]
Darrell ([EMAIL PROTECTED]) writes:
Anyone seen this before? The message (attachment) have the
Anyone seen this before? The message (attachment) have the W97M/Thus Virus
and is detected by McAfee as having such, but the final virus string somehow
ends up at Netsky?
Darrell
x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log
10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerabi
(4) MODERATE: Multiple Anti-virus Vendor Detection Bypass
Affected: Multiple AV vendors including McAfee, Trend Micro, Kaspersky,
Sophos, CA, Panda.
Description: Multiple anti-virus engines reportedly contain a vulnerability
that can lead to bypassing detection of malware in ".bat", ".html" a
FYI - for those using clam...
05.42.21 CVE: Not Available
Platform: Cross Platform
Title: Clam Anti-Virus File Handling Denial Of Service
Description: ClamAV is an anti-virus application. It is vulnerable to a
denial of service issue due to a failure in the application to handle
malformed OLE
Please no talk about sharp objects - I just had a vasectomy a couple of
hours ago - oh the pain...
Darrell
---
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail Queue Monitoring, Declude Overflow Queue Monitoring, SURB
Kevin,
I thought PGP had a desktop version that integrates directly with outlook?
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI
FYI - For those using Bitdefender -
05.40.20 CVE: Not Available
Platform: Cross Platform
Title: BitDefender Antivirus Logging Function Format String
Vulnerability
Description: BitDefender Antivirus is a proprietary antivirus product
for multiple platforms. It is vulnerable to a format string iss
visit us at www.avertlabs.com
---DLAnalyzer - Comprehensive
reporting on Declude Junkmail and Virus. Download it today - http://www.invariantsystems.com.
- Original Message -
From:
Darrell
([EMAIL PROTECTED])
To: Declude.Virus
Alot got through today with that one, but its being
caught by F-Prot now.
10/05/2005 22:06:18 Q86937B8E01F27E50 MIME file:
pword_change.zip [base64; Length=113709 Checksum=13075286]10/05/2005
22:06:18 Q86937B8E01F27E50 Scanner 2: Virus=W32/[EMAIL PROTECTED]
Attachment=pword_change.zip [12]
Harry,
The message on my system just said you need to remove the last version.
Once I did that and re-ran the update all was well.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail
Jeff,
Yes that is normal with the 3.0 upgrade. It is just a cosmetic change and
does not really impact anything.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Ove
Our MRTG scripts that we make available for Declude users have been updated
for the new log format of Declude 3.0. The programs are provided free and
"as is".
They can be downloaded from our site listed in the tag line.
Any questions let me know.
Darrell
--
I think it really depends on your volume if you will see this. Also, if you
have already tweaked your "WAITFORMAIL" you may not see it as well. On my
system during off peak hours I get on anverage between 75-100 messages per
minute. What you will see is Declude will spawn up to 20 or so threa
The directives are for tuning both single and multiprocessor systems.
They
are not meant as a tradeoff. Some multiprocessor systems do not exhibit
the
reported sleep for 30 seconds behavior. We have not been able to
reproduce
it ourselves.
I can produce it on my machine even on version 3.0.
Marcel,
"AVAFTERJM ON" goes in the virus.cfg file and it makes AV run after JM as
you suspected. Several of us run this mode for the reason you cited. The
only deal you have to remember is if something is trapped by JM and you put
it back in the queue it will not be virus scanned.
Darrell
* Processor load: sometimes for minutes a processor load of 100% (lots of
declude.exe, avgscan.exe and like l08w987.exe (from sniffer) processes) > >a
System process that fills up to 100%. In those periods there is no System
Idle processor time.
Does not really indicate a probelm per say. I
David,
Any progress on the issues we seen under multi-processor environments?
Darrell
David Barker writes:
If you are running the Declude Beta please upgrade to 3.0.3.8 and send
feedback to [EMAIL PROTECTED]
David B
www.declude.com
---
This E-mail came from the Declude.Virus mailing l
Also, any emails that are mime/base64 encoded should be mime decoded by the
AV scanner. I know mcafee has that option which we enable.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude And
Imail
Here is the dirt:
From RIPE:
descr:Telefonica Wholesale International Service
members: AS12956
It appears at the moment that Telefonica have advertised announcements from
their customer 26210 of some /8's rather than blocked them as they should
(including 12/8). Sprint and GX
Slap on the wrist and his friends got paid for turning him in... Looks like
a win-win for all of them.
Darrell
John Tolmachoff (Lists) writes:
So the virus writer got a slap on the wrist. Boy, that will sure send a
message to would be virus writers.
John T
eServices For You
]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Friday, July 08, 2005 9:34 AM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] Limit Size of message to be scanned?
Grant,
What I do is set the "Single Message Size" under the domain. The limit I
have in
PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Friday, July 08, 2005 9:13 AM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] Limit Size of message to be scanned?
Grant,
Their is nothing native to Declude to prevent that - the only real optio
Grant,
Their is nothing native to Declude to prevent that - the only real option
besides something custom is to limit the size at the imail layer.
Darrell
InvURIBL - Intelligent URL filtering - stops 85% of spam with the
See - http://www.mail-archive.com/declude.junkmail@declude.com/msg24938.html
I posted about this issue a couple of times. We are currently waiting on a
fix - but this is the cause from what I can see from the debug logs.
Darrell
---
invURIBL - Intelligen
FYI - For those who have not seen this and are running ClamAV.
05.26.8 CVE: CAN-2005-1923
Platform: Cross Platform
Title: ClamAV Cabinet File Parsing Remote Denial of Service
Description: ClamAV is a virus scanning utility. ClamAV is affected by a
remote denial of service issue. ClamAV versions
Dan,
I have been running 2.0.6 with no "major" issues that plague me on a daily
basis. The only issue I have encountered is when the server is under high
load and Declude spawns processes until the server starts generating errors.
Since I upgraded the server it doesnt happen very often.
For
If you are using Imail just add it into the SMTP Access Control List. This
will block them from connecting to them.
Darrell
--
DLAnalyzer - Comprehensive reporting for Declude Junkmail and SPAM. Try it
today http://www.dlanalyzer.com
Susan Duncan wri
Kevin,
You would place that in your virus.cfg file.
Darrell
-
DLAnalyzer - Comprehensive reporting for Declude Junkmail and Virus. Try it
today - http://www.invariantsystems.com
Kevin Rogers writes:
Should I put "AVAFTERJM ON" in my global
Another MyTob variant is out. F-Prot is catching it but Mcafee is not.
Mcafee does have an extra.dat for it.
The file is coming in as "info-text.zip".
Darrell
DLAnalyzer - Comprehensive reporting on Declude Junkmail
a mass-mailing virus. Declude defaults to BANCSLID ON which may or may
not protect from such an attack. Some CSLID calls are entire valid and
normal for Outlook/Office generated E-mails, and I'm not totally sure
Plus the other question is does Declude look for the CSLID calls in files in
zi
John,
What do the filenames appear to be - any pattern either filename, subject,
body content etc?
Darrell
John Tolmachoff (Lists) writes:
One of the servers I manage is getting hit with lots of messages being
caught with banned exe within zip.
They are coming from different IPs
John
My thoughts are this - a virus is a virus and a vulnerability is a
vulnerability. My expectation is that if a virus is detected than the other
scanners will not be called. However, if a vulnerability is detected the
scanners will execute until such time a "virus" is found.
Maybe two switches - E
Don,
Attachment banning is global / for all domains. I do not believe there is a
way around this.
Darrell
---
invURIBL - Intelligent URI Filtering. Stops 85%+ SPAM with the default
configuration. Download a copy today - http://www.invariantsystems.com
--
>>Does declude virus need any modification as
such?
No...
Darrell
---invURIBL - Intelligent URI
Filtering. Stops 85%+ SPAM with the defaultconfiguration. Download a
copy today - http://www.invariantsystems.com
Alex,
Also make sure you add their mail servers address in the relay for ip
address options in smtp..
Everything else you mentioned from the Declude side is correct and what we
do.
Darrell
-
invURIBL - Intelligent URI filtering plug-in for Declude. S
Title: Message
Andrew,
During your test what did the CPU look like was it
a solid 100%? I have not ran the test, but on my mail server when I was
seeing the issue live it was 100%.
Darrell
---DLAnalyzer - Comprehensive
reporting for Declude Junkmai
Matt,
I am seeing the same thing - but my server (this one) is way more loaded
than it should. Scanner 2 is F-Prot as you can see there is an excessive
amount of time when this issue occurs. It was so bad that I ended up
disabling F-Prot until I can get to the bottom of this.
Darrell
04/
>>improved. If a virus is found with scanner 1, I'd like an option to avoid
calling later scanners. While >>it's good for comparison sakes, if a virus
is found, I don't need 2 other programs to confirm that.
>>I'd also like to have the PRESCAN ON/OFF setting moved within the virus
scanner definitio
1 - 100 of 126 matches
Mail list logo
