Steffen Heil wrote:
> I cannot prevent such things. I have no way to tell my customers: "you
> may not send each other executables or html-files with frames." They
> would go somewhere else immediately.
Just shifted the reply to this thread, Steffen. The iframe exploit, you
are already discrimin
Hi
> The main types of checks that should be done are regarding the composition
of the emails. For example, the ones you mention above, clsid and boundary
checks, will stop a proportional amount of virus mails from getting any
further.
Okay... already doing so.
> Then there are others, like ifra
Joe Maimon wrote:
> I may be in the minority here but I strenuously object to the "banned
> extensions" methodology. Especialy when implementing outside of the SMTP
> layer.
> For a service provider its a hassle for their customers. An internal
> corp. may be able to inflict such abuse on its us
Matt wrote:
Steffen Heil wrote:
For example, I DO have dnsblacklists, helo string checking, mime checks,
clsid extension checks, empty and to large boundary checks, verify
sender domain and soon some callout-checks in front of clamav.
However, some mail should get delivered and those should be
On Wed, 29 Sep 2004, Trog wrote:
On Wed, 2004-09-29 at 11:21, Paul Boven wrote:
BogusBaw Brandys wrote:
Damian Menscher wrote [inserted attribution for myself]:
This is not an isolated case. The virus submission page must be
changed to run the latest RELEASED version of clamav.
Seconded. I run an
On Wed, Sep 29, 2004 at 03:17:08PM +0200, Steffen Heil said:
> Hi
>
> > There are a significant amount of other methods that will generally detect
> an infected email. Approximately 3.8% of infected emails ever reach the
> stage where the virus scanners I use get called into action, and Clam hasn'
Steffen Heil wrote:
> For example, I DO have dnsblacklists, helo string checking, mime checks,
> clsid extension checks, empty and to large boundary checks, verify
> sender domain and soon some callout-checks in front of clamav.
> However, some mail should get delivered and those should be checked
Lol @ preacher
-Original Message-
From: Matt [mailto:[EMAIL PROTECTED]
Sent: 29 September 2004 14:45
To: [EMAIL PROTECTED]
Subject: Re: [Clamav-users] virus submission problem
Paul Boven wrote:
> >>>> This is not an isolated case. The virus submission page must be
&g
Hi
> There are a significant amount of other methods that will generally detect
an infected email. Approximately 3.8% of infected emails ever reach the
stage where the virus scanners I use get called into action, and Clam hasn't
missed one of those yet. Check for other email exploits before checki
On Wed, 2004-09-29 at 12:42, Bill Maidment wrote:
> Trog wrote:
>
> >
> > The current stable version is 0.75.1
> >
> >
>
> The stable webpage points me to 0.80rc3 as the latest!!!
>
No it doesn't. It takes you to a page containing a number of links and
information, one such link is to clamav
Paul Boven wrote:
> This is not an isolated case. The virus submission page must be
> changed to run the latest RELEASED version of clamav.
>
> Seconded. I run an up-to-date release version of ClamAV (0.75), there
> are virusses getting trough, but I can't submit them because 0.80rc3
Trog wrote:
The current stable version is 0.75.1
The stable webpage points me to 0.80rc3 as the latest!!!
--
_/_/_/_/ _/ _/
_/_/ _/ _/ _/
_/_/_/_/ _/
_/_/ _/ _/ _/
_/_/_/_/ _/ _/ _/
Bill Maidment
Maidment Enterprises Pty Ltd
Unless you are named "Alf
On Wed, 2004-09-29 at 11:21, Paul Boven wrote:
> Hi everyone,
>
> Bogusław Brandys wrote:
>
> This is not an isolated case. The virus submission page must be
> changed to run the latest RELEASED version of clamav.
>
> Seconded. I run an up-to-date release version of ClamAV (0.75), th
Hi everyone,
BogusÅaw Brandys wrote:
This is not an isolated case. The virus submission page must be
changed to run the latest RELEASED version of clamav.
Seconded. I run an up-to-date release version of ClamAV (0.75), there
are virusses getting trough, but I can't submit them because 0.80rc3
w
On Tue, 2004-09-28 at 21:35, Steffen Heil wrote:
> Hi
>
> > I have a serious issue with the current way virus samples are submitted.
> Right now, many viruses, such as the currently-spreading jpeg virus (see
> http://www.easynews.com/virus.txt) are detected by 0.80rc# or by some CVS
> version. Bu
Hello,
Mitch (WebCob) wrote:
This is not an isolated case. The virus submission page must be changed
to run the latest RELEASED version of clamav.
Haven't looked in a while, but I think it should:
Display result using latest RELEASE
Display result using latest CVS
Display IDENTITY of the virus
Di
> > This is not an isolated case. The virus submission page must be changed
> to run the latest RELEASED version of clamav.
>
Haven't looked in a while, but I think it should:
Display result using latest RELEASE
Display result using latest CVS
Display IDENTITY of the virus
Display config of the
Hi
> I have a serious issue with the current way virus samples are submitted.
Right now, many viruses, such as the currently-spreading jpeg virus (see
http://www.easynews.com/virus.txt) are detected by 0.80rc# or by some CVS
version. But we can't be expected to run those on production servers.
>
I have a serious issue with the current way virus samples are submitted.
Right now, many viruses, such as the currently-spreading jpeg virus (see
http://www.easynews.com/virus.txt) are detected by 0.80rc# or by some
CVS version. But we can't be expected to run those on production
servers.
Yes
19 matches
Mail list logo
