Bogus day old domains from RRPPROXY.NET

2015-02-19 Thread Kevin Miller
Lately we've been getting slammed by spam. The bulk of it (no pun intended) is coming from new domains (many just a day or two old) which originate from key-systems gmbh, and all use RRPPROXY.NET as their name servers such as this snippet from whois: Domain Name: WATTSMINDANDBODYLAB.COM

Phishing dropbox/google systems

2015-02-19 Thread Alex Regan
Hi, I've seen quite a few what I believe are phishing attack emails today that I haven't seen before: http://pastebin.com/tKEBH16e It uses a bit.ly address to point the user to what looks like an alternative way to log in to Google Drive or any other cloud service in one spot. Seriously evil

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Alex Regan
Hi, I use amavis-new and block based on file type. My users should never get legit executables via email, so they are sent to a quarantine. Unfortunately, we're finding those simple-minded rules are running out of gas. :( We've seen a zip file containing an Excel spreadsheet with a macro vir

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Reindl Harald
On 19.02.2015 at 16:13, Matteo Dessalvi wrote: I am just curious, since I am using SaneSecurity signatures too. According to: http://sanesecurity.com/usage/signatures/ some of the lists you mentioned have been classified with 'medium' to 'high' risk of false positives: foxhole_* spear / spea

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Matteo Dessalvi
Hello. I am just curious, since I am using SaneSecurity signatures too. According to: http://sanesecurity.com/usage/signatures/ some of the lists you mentioned have been classified with 'medium' to 'high' risk of false positives: foxhole_* spear / spearl Did you not get into trouble with those

Re: Backup of bayes database failed

2015-02-19 Thread RW
On Thu, 19 Feb 2015 09:27:12 +0100 Olivier CALVANO wrote: > Hi > > i want backup the bayes database of my spamassassin server but > impossible. > > On all server, that's finish at : > > locker: safe_unlock: lock on /var/spool/spamassassin/bayes.lock was > lost due to expiry at > /usr/lib/perl5/

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Benny Pedersen
On February 19, 2015 3:26:00 PM "David F. Skoll" wrote: Unfortunately, we're finding those simple-minded rules are running out of gas. :( We've seen a zip file containing an Excel spreadsheet with a macro virus in it. ClamAV is essentially useless at detecting viruses, so it's a real problem

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Dave Funk
On Thu, 19 Feb 2015, David F. Skoll wrote: On Thu, 19 Feb 2015 07:46:16 -0600 Chad M Stewart wrote: I use amavis-new and block based on file type. My users should never get legit executables via email, so they are sent to a quarantine. Unfortunately, we're finding those simple-minded rules

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Reindl Harald
On 19.02.2015 at 15:47, Dave Funk wrote: On Thu, 19 Feb 2015, Reindl Harald wrote: well, you can achieve that directly on the MTA but that won't help in case of "emails containing MS office attachments with a Malicious VB script" cat /etc/postfix/mime_header_checks.cf /^Content-(?:Dispositio

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Dave Funk
On Thu, 19 Feb 2015, Reindl Harald wrote: well, you can achieve that directly on the MTA but that won't help in case of "emails containing MS office attachments with a Malicious VB script" cat /etc/postfix/mime_header_checks.cf /^Content-(?:Disposition|Type):(?:.*?;)? \s*(?:file)?name \s* = \

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Reindl Harald
On 19.02.2015 at 15:43, David F. Skoll wrote: On Thu, 19 Feb 2015 09:34:28 -0500 Alex Regan wrote: [David Skoll] spreadsheet with a macro virus in it. ClamAV is essentially useless at detecting viruses, so it's a real problem... any ideas? Useless? Are you using the third-party patterns?

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Axb
On 02/19/2015 03:24 PM, David F. Skoll wrote: On Thu, 19 Feb 2015 07:46:16 -0600 Chad M Stewart wrote: I use amavis-new and block based on file type. My users should never get legit executables via email, so they are sent to a quarantine. Unfortunately, we're finding those simple-minded rul

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread David F. Skoll
On Thu, 19 Feb 2015 09:34:28 -0500 Alex Regan wrote: [David Skoll] > > spreadsheet with a macro virus in it. ClamAV is essentially > > useless at detecting viruses, so it's a real problem... any ideas? > Useless? Are you using the third-party patterns? No, because when I tried some of them, th

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Alex Regan
Hi, I use amavis-new and block based on file type. My users should never get legit executables via email, so they are sent to a quarantine. Unfortunately, we're finding those simple-minded rules are running out of gas. :( We've seen a zip file containing an Excel spreadsheet with a macro vir

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread David F. Skoll
On Thu, 19 Feb 2015 07:46:16 -0600 Chad M Stewart wrote: > I use amavis-new and block based on file type. My users should never > get legit executables via email, so they are sent to a quarantine. Unfortunately, we're finding those simple-minded rules are running out of gas. :( We've seen a zi

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Reindl Harald
On 19.02.2015 at 14:46, Chad M Stewart wrote: I use amavis-new and block based on file type. My users should never get legit executables via email, so they are sent to a quarantine. ### BLOCKED ANYWHERE # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components qr'^\.(exe-ms|

Re: Recent spate of Malicious VB attachments II

2015-02-19 Thread Chad M Stewart
I use amavis-new and block based on file type. My users should never get legit executables via email, so they are sent to a quarantine. ### BLOCKED ANYWHERE # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components qr'^\.(exe-ms|dll)$', # banned file(1) types,

RE: Recent spate of Malicious VB attachments II

2015-02-19 Thread Tonyata
Thank you all for your comments, very much appreciated Tony Date: Wed, 18 Feb 2015 12:28:11 -0700 From: ml-node+s1065346n114635...@n5.nabble.com To: tiar...@hotmail.com Subject: Re: Recent spate of Malicious VB attachments II On Wed, 18 Feb 2015 14:16:02 -0500 Joe Quinn <[hidden ema

Backup of bayes database failed

2015-02-19 Thread Olivier CALVANO
Hi, I want to back up the bayes database of my spamassassin server but it is impossible. On all servers, it finishes at: locker: safe_unlock: lock on /var/spool/spamassassin/bayes.lock was lost due to expiry at /usr/lib/perl5/vendor_perl/5.10.0/Mail/SpamAssassin/Locker/UnixNFSSafe.pm line 200. and the