[Clamav-users] What exactly is the Worm.YoursID ?

2004-02-17 Thread Support ePaxsys/FRWS
What is the Worm.YoursID virus/worm? This is one virus/worm that has become active since last night. Any clue what it may be? Google searches, archived list searches and searches anywhere I can think of failed to find any record of the name. Is it just hitting this one instead of maybe Klez or

Re: [Clamav-users] What exactly is the Worm.YoursID ?

2004-02-17 Thread Support ePaxsys/FRWS
Thank ya kindly all. Had me baffled for a time. JPP At 12:51 PM 2/17/04 -0500, you wrote: Here is a description: http://www.sophos.com/virusinfo/analyses/w32tanxa.html Kudos to the ClamAV people for adding the signature so quickly! Regards, Vlad On Tue, 17 Feb 2004, Support ePaxsys/FRWS wrote

[Clamav-users] For those using Procmail - a simple rule to hinder the Bagle-I virus

2004-03-02 Thread Support ePaxsys/FRWS
Maybe OT - but it's a decent interim fix so people can continue sending large(r) Zips. SO - not sure if this is OT or what, but if you use procmail as the delivery agent on your system, this rule below will catch the ZIPs under 250k in size and having 'password:' somewhere in the body. Not pe

Re: [Clamav-users] For those using Procmail - a simple rule to hinder the Bagle-I virus

2004-03-02 Thread Support ePaxsys/FRWS
At 09:22 PM 3/2/04 +0100, Tomasz Papszun wrote: On Tue, 02 Mar 2004 at 11:18:25 -0700, Support ePaxsys/FRWS wrote: > Maybe OT - but it's a decent interim fix so people can continue sending > large(r) Zips. > > SO - not sure if this is OT or what, but if you use procmail as the > de

[clamav-users] Sorry folks - ClamAV DOES catch W32.Sobig.E@mm just fine

2003-06-29 Thread Support ePaxsys/FRWS
False alarm. W32.Sobig.E@mm is caught just fine. *goes back to checking installation* Regards Jerome "the humbled" ePaxsys, Inc.

[clamav-users] Catching W32.Sobig.E@mm ?

2003-06-29 Thread Support ePaxsys/FRWS
Good day Just installed Clamav and it appears to not catch W32.Sobig.E@mm I caught it in my Antivirus/File blocking procmail filters, which is how I know it got through. The "signature" I use for this one is simple, I just look for: CSmtpMsgPart123X456_000 It shows as: boundary="CSmtpMsgPar

[clamav-users] Semi-Newbie question about DB updating

2003-06-30 Thread Support ePaxsys/FRWS
Hey Great Product Couple things keep me awake nights (sorta) Using 0.60 on RH7.3 systems with upgraded Kernels/GLIBC Using clamav-milter Sendmail 8.12.9 Have a cron job set up to grab the DBs using freshclam - it works fine Questions are this: 1. How do I get the clamd binary to know there ar

Re: [clamav-users] Clamd with Clamav-Milter, Sendmail 8.12.9 timeout lockup?

2003-07-13 Thread Support ePaxsys/FRWS
It's something in the Milter for sure. I "solved" the problem using MailScanner (which someone suggested). But I do not like PERL scripts in the middle of all the mail processes we spawn. Especially just for Virus Scanning. So I await a Milter that behaves well with ClamAV. The day will come

Re: [clamav-users] Clamd with Clamav-Milter, Sendmail 8.12.9 timeout lockup?

2003-07-10 Thread Support ePaxsys/FRWS
Hi again To add to this thread. It seems to hang on quite a few (not all) Session TimeOuts and ALL 'WARNING: ScanStream: Size exceeded' events That may help. Jerome At 02:57 PM 7/10/03 -0600, you wrote: Hey all! Maybe someone here can help out with a curious problem. It's happening on at lea

[clamav-users] Clamd with Clamav-Milter, Sendmail 8.12.9 timeout lockup?

2003-07-10 Thread Support ePaxsys/FRWS
Hey all! Maybe someone here can help out with a curious problem. It's happening on at least 2 servers running RedHat 7.2 and 7.3 with patched Kernels... etc etc They are both running: Sendmail-8.12.9 OpenWebmail SASL for user auth And both have the latest and greatest Clamd and Clamav-Milter What

Re: [Clamav-users] Signature for W32.Mimail.A@mm available?

2003-08-04 Thread Support ePaxsys/FRWS
I thought they updated late last week, our versions of the DB catch it as: Report: message.zip contains Trojan.Dropper.C And we have caught about 30 since late last night using ClamAV. Is there another version it's not catching yet? Uh oh... JPP At 07:24 AM 8/4/03 -0700, you wrote: Hi, L

Re: [Clamav-users] Signature for W32.Mimail.A@mm available?

2003-08-04 Thread Support ePaxsys/FRWS
04 Aug 2003 08:39:30 -0600 Support ePaxsys/FRWS <[EMAIL PROTECTED]> wrote: > I thought they updated late last week, our versions of the DB catch it as: > Report: message.zip contains Trojan.Dropper.C > > And we have caught about 30 since late last night using ClamAV. Is there >

[Clamav-users] Question about scanning viruses in bounces

2003-08-21 Thread Support ePaxsys/FRWS
Hey folks Love the ClamAV system - 25000+ Sobig.F viruses blocked across 6 servers in 3 days. *whew* But begs the question: As PostMaster of these servers we are blessed with bounces, re-mails and the like WITH the viruses in them in a lot of cases. I have most of these file types blocked by d

Re: [Clamav-users] clamav-milter, clamd, and high volume mail (SoBig.F)

2003-08-27 Thread Support ePaxsys/FRWS
Had/have the same problem. Switch to MailScanner from http://www.mailscanner.info until they can get that found and fixed. Seriously. We want to use the Milter also but cannot. JP At 11:23 AM 8/25/03 -0500, you wrote: I'm having a problem with clamd and clamav-milter. We just implemented a vir

Re: [Clamav-users] clamav-milter woes

2003-08-27 Thread Support ePaxsys/FRWS
We too had some trouble with the ClamAV milter on our servers, we went to MailScanner and it does the job nicely. (Though I would rather have a Non-Perl solution, we can wait) http://ww.mailscanner.info Enjoy. Jerome At 04:32 PM 8/25/03 -0700, you wrote: On 8/25/2003 4:16 PM, Tomasz Papszun w

Re: [Clamav-users] clam antivirus testimony

2003-09-15 Thread Support ePaxsys/FRWS
We use it here on 8 mail servers, all sendmail. Using mailscanner and ClamAV we were catching 30-4 Sobig.F's a day when it was running rampant and quite a few Klez still. Product works great - and they are real good at the updates. I think they beat most of the "Big Guys" out the door with

Re: [Clamav-users] Worm.Gibe.F

2003-09-19 Thread Support ePaxsys/FRWS
At 06:39 PM 9/19/03 -0400, Rick Macdougall wrote: Hi, Thomas Lamy wrote: when was the db updated for Worm.Gibe.F? I had it slip through 2 independent servers, one of them updates every hour... As far as I know, a couple of days ago. I'm not seeing anything get through here, running 0.60 here.

[Clamav-users] Digital Signatures warning

2003-11-11 Thread Support ePaxsys/FRWS
Greetings folks! Been reading my clam-update.log (since previous posts raised my curiosity) and noticed: SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES A quick run through the docs, and a couple greps on the source tree show nothing I should look for with the build. The ./configure --hel