Hey- normally I don't get too excited about viruses b/c I use postfix and no windows clients.... but I saw a reply in here that said it came from me. Since I have not sent anything to the list is a long while I am worried... Can someone please do me a favor and check the headers and see if it really did come from rod@dickersonbiz.com or if that is the virus playing games again???? Thanks and sorry if it was me...
Rod
On Wed, 2004-01-28 at 12:00, fedora-test-list-request@redhat.com wrote:
Send fedora-test-list mailing list submissions to fedora-test-list@redhat.com
To subscribe or unsubscribe via the World Wide Web, visit http://www.redhat.com/mailman/listinfo/fedora-test-list or, via email, send a message with subject or body 'help' to fedora-test-list-request@redhat.com
You can reach the person managing the list at fedora-test-list-admin@redhat.com
When replying, please edit your Subject line so it is more specific than "Re: Contents of fedora-test-list digest..."
Today's Topics:
- Re: x86_64 updates (Chuck Mead)
- Re: test (Chuck Mead)
- Re: test (shrek-m@gmx.de)
- Re: test (shrek-m@gmx.de)
- Re: test (csm@Lunar-Linux.org)
- rebuild gcc rpm on x86_64 (Gene C.)
- Re: rebuild gcc rpm on x86_64 (Jeremy Katz)
- Re: x86_64 updates (csm@Lunar-Linux.org)
- Re: rebuild gcc rpm on x86_64 (Gene C.)
- Re: x86_64 updates (csm@Lunar-Linux.org)
- Re: x86_64 updates (Chuck Mead)
- Fedora Bug Day Tomorrow: Jan 28th 2004: Bugzilla versus Mothra (Jef Spaleta)
- anyone using raid?> (jason pearl)
- Re: test (Michael Schwendt)
- Re: test (Dennis Gilmore)
- a Mail virus Scanner (was Re: test) (shrek-m@gmx.de)
- Re: a Mail virus Scanner (was Re: test) (Denis Croombs)
- RE: a Mail virus Scanner (was Re: test) (Randal, Phil)
- Re: x86_64 updates (Rob Myers)
- Re: x86_64 updates (Rob Myers)
- RFE for AV (was: RE: test) (Vanco, Don)
- RE: a Mail virus Scanner (was Re: test) (Chris Ricker)
- Re: RFE for AV (was: RE: test) (Thomas Munck Steenholdt)
- Re: a Mail virus Scanner (was Re: test) (Dennis Gilmore)
- Re: a Mail virus Scanner (was Re: test) (Chris Ricker)
--__--__--
Message: 1 Date: Tue, 27 Jan 2004 17:13:07 -0500 From: Chuck Mead csm@lunar-linux.org To: fedora-test-list@redhat.com Subject: Re: x86_64 updates Reply-To: fedora-test-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Rob Myers wrote: | On Tue, 2004-01-27 at 16:26, Chuck Mead wrote: | |>Okay I just ran a test with this yum.conf entry: |> |> |>[updates] |>name=Fedora Core $releasever - $basearch - Updates |>baseurl=http://people.redhat.com/csm/fedora/ |> |>It worked fine. |> |>If there is something else you guys need or want up there let me know. |>For now the slocate update is present and accounted for. | | | thank you for doing this. your efforts have already saved me some | effort! | | i did some unscientific comparisons between an i386 box and my opteron | and think i noticed a few more packages that are out of sync. | | package version on i386 version on x86-64 | ------------------------------------------------------------------- | net-snmp net-snmp-5.1-2.1 net-snmp-5.0.9-2 | kernel kernel-2.4.22-1.2149 kernel-2.4.22-1.2135 | glibc glibc-2.3.2-101.4 glibc-2.3.2-101.1 | | is this data correct? is it worth updating these packages? | | the kernel package seems important, but i'm running 2.6.2-rc2 so i don't | care too much. | | let me know what you think, and thanks again for the slocate update! | | rob. | | [csm@stealth rpms]$ rpm -q glibc glibc-2.3.2-101.4 glibc-2.3.2-101.4
*there are two of these because one provides x86 compatibility I will see about an update
[csm@stealth rpms]$ rpm -q net-snmp net-snmp-5.0.9-2 <---- I will see about providing an update for this.
[csm@stealth rpms]$ rpm -q kernel kernel-2.4.22-1.2135.nptl kernel-2.4.22-1.2149.nptl <---- I can provide an update for this also but I don't want to do both... seems unnecessary!
csm Lunar Linux Project Lead Disclaimer: "I am not a curmudgeon! No... really..." Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAFuJzq3bny/5+GAcRAtKBAKCdOg5xMEaazPW1FMDWseDw8/acyACgoyXe v7lJlvEBsPVU/jbhgi7+KZ8= =hb8i -----END PGP SIGNATURE-----
--__--__--
Message: 2 Date: Tue, 27 Jan 2004 17:20:22 -0500 From: Chuck Mead csm@lunar-linux.org To: fedora-test-list@redhat.com Subject: Re: test Reply-To: fedora-test-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
rod@dickersonbiz.com wrote: | The message contains Unicode characters and has been sent as a binary attachment.
bwaaaaaaaaaaaaaaaaahahahahahaha!
Stupid viruses...
csm Lunar Linux Project Lead Disclaimer: "I am not a curmudgeon! No... really..." Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAFuQmq3bny/5+GAcRAjT5AJ9+txpNfPCqGYamoweWTbdnO0NT9wCfW/7z JS+tZbKWSvpcY+Qc+RY22Tc= =2PTg -----END PGP SIGNATURE-----
--__--__--
Message: 3 Date: Tue, 27 Jan 2004 23:21:33 +0100 From: "shrek-m@gmx.de" shrek-m@gmx.de To: fedora-test-list@redhat.com Subject: Re: test Reply-To: fedora-test-list@redhat.com
rod@dickersonbiz.com wrote:
The message contains Unicode characters and has been sent as a binary attachment.
Virus 'W32/MyDoom-A' found in file file.zip
http://sophos.com/virusinfo/analyses/w32mydooma.html
-- shrek-m
--__--__--
Message: 4 Date: Tue, 27 Jan 2004 23:31:37 +0100 From: "shrek-m@gmx.de" shrek-m@gmx.de To: fedora-test-list@redhat.com Subject: Re: test Reply-To: fedora-test-list@redhat.com
shrek-m@gmx.de wrote:
Virus 'W32/MyDoom-A' found in file file.zip
i bet that you will see more viruses in 2004 than in 2003
please include MailScanner in the near future, or can you recommend a better tool?
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=113242
-- shrek-m
--__--__--
Message: 5 Date: Tue, 27 Jan 2004 17:50:49 -0500 (EST) From: csm@Lunar-Linux.org To: fedora-test-list@redhat.com Subject: Re: test Reply-To: fedora-test-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I dunno 'cause I do this server side.
On Tue, 27 Jan 2004, shrek-m@gmx.de spewed into the bitstream:
s>shrek-m@gmx.de wrote: s> s>>> >> Virus 'W32/MyDoom-A' found in file file.zip s>> s>> http://sophos.com/virusinfo/analyses/w32mydooma.html s> s> s>i bet that you will see more viruses in 2004 than in 2003 s> s>please include MailScanner in the near future, s>or can you recommend a better tool? s> s>https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=113242 s> s> s>
csm Lunar Linux Project Lead Disclaimer: "I am not a curmudgeon! No... really..." Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAFutPq3bny/5+GAcRAttXAKCIEB/5fWipk8gsiJfRjLumJ2h5+gCfahZP JbMptz+l0/J0tkQyjjwa+Y8= =GhN2 -----END PGP SIGNATURE-----
--__--__--
Message: 6 From: "Gene C." czar@czarc.net To: fedora-test-list@redhat.com Subject: rebuild gcc rpm on x86_64 Date: Tue, 27 Jan 2004 17:18:50 -0500 Reply-To: fedora-test-list@redhat.com
Can someone explain the logic to me why you need the i386 version of glibc-devel installed on a x86_64 system in order to rebuild gcc for the x86_64? https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=113893
Besides the man and info files which are duplicates of the ones in the x86_64 glibc-devel package, the i386 package only contains files in /usr/lib.
Yes, I am going to go and try to install it but I am sure bothered as to why.
An additional issue is that the i386 glibc-devel is not part of the FC1 x86_64 test1 distribution (only glibc for the i686). Shouldn't I be able to rebuild any package in a distribution given only the packages contained in the distribution?
Do I need the i386 version of glibc-devel to rebuild on the sparc? How about the IA64 Itanium? -- Gene
--__--__--
Message: 7 Subject: Re: rebuild gcc rpm on x86_64 From: Jeremy Katz katzj@redhat.com To: fedora-test-list@redhat.com Date: Tue, 27 Jan 2004 18:23:09 -0500 Reply-To: fedora-test-list@redhat.com
On Tue, 2004-01-27 at 17:18 -0500, Gene C. wrote:
Can someone explain the logic to me why you need the i386 version of glibc-devel installed on a x86_64 system in order to rebuild gcc for the x86_64? https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=113893
[snip]
Yes, I am going to go and try to install it but I am sure bothered as to why.
It's required so that you can build a gcc that supports -m32 and thus compile 32bit apps.
Cheers,
Jeremy
--__--__--
Message: 8 Date: Tue, 27 Jan 2004 19:15:32 -0500 (EST) From: csm@Lunar-Linux.org To: fedora-test-list@redhat.com Subject: Re: x86_64 updates Reply-To: fedora-test-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 27 Jan 2004, Rob Myers spewed into the bitstream:
RM>On Tue, 2004-01-27 at 16:26, Chuck Mead wrote: RM>> RM>> Okay I just ran a test with this yum.conf entry: RM>> RM>> RM>> [updates] RM>> name=Fedora Core $releasever - $basearch - Updates RM>> baseurl=http://people.redhat.com/csm/fedora/ RM>> RM>> It worked fine. RM>> RM>> If there is something else you guys need or want up there let me know. RM>> For now the slocate update is present and accounted for. RM> RM>thank you for doing this. your efforts have already saved me some RM>effort! RM> RM>i did some unscientific comparisons between an i386 box and my opteron RM>and think i noticed a few more packages that are out of sync. RM> RM>package version on i386 version on x86-64 RM>------------------------------------------------------------------- RM>net-snmp net-snmp-5.1-2.1 net-snmp-5.0.9-2 RM>kernel kernel-2.4.22-1.2149 kernel-2.4.22-1.2135 RM>glibc glibc-2.3.2-101.4 glibc-2.3.2-101.1
Okay... I have finished building the glibc update (I dunno what I did with the copy I built before) and am starting now on the kernel... then I will do the net-snmp and last I will post the updates on the people site.
Included will be an i686 version of the glibc package (which you need).
csm Lunar Linux Project Lead Disclaimer: "I am not a curmudgeon! No... really..." Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAFv8pq3bny/5+GAcRAm9+AKCaRHe46+P9XXYXk59TUOK2QJgatQCeMYk+ 9rXBJR7VOien7a/Qm4cxO/E= =4TPZ -----END PGP SIGNATURE-----
--__--__--
Message: 9 From: "Gene C." czar@czarc.net To: fedora-test-list@redhat.com Subject: Re: rebuild gcc rpm on x86_64 Date: Tue, 27 Jan 2004 22:01:28 -0500 Reply-To: fedora-test-list@redhat.com
On Tuesday 27 January 2004 18:23, Jeremy Katz wrote:
On Tue, 2004-01-27 at 17:18 -0500, Gene C. wrote:
Can someone explain the logic to me why you need the i386 version of glibc-devel installed on a x86_64 system in order to rebuild gcc for the x86_64? https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=113893
[snip]
Yes, I am going to go and try to install it but I am sure bothered as to why.
It's required so that you can build a gcc that supports -m32 and thus compile 32bit apps.
OK, I can understand that ... but what if you do not want -m32 support on your system ... whatever.
Anyway, what I really don't completely understand is how to install additional packages without screwing things up. OK, the rpm -ivh glibc-devel... did the right thing and installed and I am now building gcc.
I just completed building glibc 2.3.2-101.4 for the x86_64 and have downloaded the i386/i686 packages also. I plan to put these into a single (local) repository and then do an upgrade on the x86_64 system using up2date. Hopefully up2date will know how to do things "right".
But what if I wanted to do this "manually" with just rpm? How do I do this "safely" so that I do not wind up with a system with 64 bit applications and 32 bit libraries. Right now my x86_64 system is pure testing so if I screw it up it is not a big deal. But this will be an issue later. Whether it has been big iron mainframes or small microcomputer, I am more familiar (more comfortable) with single architecture systems. Yes, the IA32 systems have i686 and athlon packages but they are few and easily understood. If I do not do things "right", I could replace stuff in /usr/bin, etc/ with 32 bit versions.
Before I started porting nessus to the 64 bit environment, I tried to install the 32 bit version. I soon found that the requires 32 bit libraries and it was like pulling on a bowl of spaghetti with more and more 32 bit libraries required. It became easier to do the port (which has been successfully BTW).
Fedora Core is fairly lean and mean with respect to the 32 bit libraries it installs (compared to the two dvd system that SUSE has). So how do we install additional 32 bit libraries "safely"? And how do we then maintain it when i386/i686/x86_64 packages are updated?
Any guidance will be appreciated.
Gene
--__--__--
Message: 10 Date: Tue, 27 Jan 2004 22:06:00 -0500 (EST) From: csm@Lunar-Linux.org To: fedora-test-list@redhat.com Subject: Re: x86_64 updates Reply-To: fedora-test-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 27 Jan 2004, csm@Lunar-Linux.org spewed into the bitstream:
On Tue, 27 Jan 2004, Rob Myers spewed into the bitstream:
RM>On Tue, 2004-01-27 at 16:26, Chuck Mead wrote: RM>> RM>> Okay I just ran a test with this yum.conf entry: RM>> RM>> RM>> [updates] RM>> name=Fedora Core $releasever - $basearch - Updates RM>> baseurl=http://people.redhat.com/csm/fedora/ RM>> RM>> It worked fine. RM>> RM>> If there is something else you guys need or want up there let me know. RM>> For now the slocate update is present and accounted for. RM> RM>thank you for doing this. your efforts have already saved me some RM>effort! RM> RM>i did some unscientific comparisons between an i386 box and my opteron RM>and think i noticed a few more packages that are out of sync. RM> RM>package version on i386 version on x86-64 RM>------------------------------------------------------------------- RM>net-snmp net-snmp-5.1-2.1 net-snmp-5.0.9-2 RM>kernel kernel-2.4.22-1.2149 kernel-2.4.22-1.2135 RM>glibc glibc-2.3.2-101.4 glibc-2.3.2-101.1
Okay... I have finished building the glibc update (I dunno what I did with the copy I built before) and am starting now on the kernel... then I will do the net-snmp and last I will post the updates on the people site.
Included will be an i686 version of the glibc package (which you need).
Welp... there is a quota on my people account so I cannot do the updates there... I am moving them to moongroup.com. I will post more info later.
csm Lunar Linux Project Lead Disclaimer: "I am not a curmudgeon! No... really..." Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAFycaq3bny/5+GAcRAkfgAJ9j+1p7JSkqN+5+Fn5npTKt3h+ZKQCfa7KN IkFr7lKXIYHNHqIszgaANwY= =gcPs -----END PGP SIGNATURE-----
--__--__--
Message: 11 Date: Tue, 27 Jan 2004 23:45:51 -0500 From: Chuck Mead csm@lunar-linux.org To: fedora-test-list@redhat.com Subject: Re: x86_64 updates Reply-To: fedora-test-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
csm@Lunar-Linux.org wrote: | On Tue, 27 Jan 2004, csm@Lunar-Linux.org spewed into the bitstream: | | | Welp... there is a quota on my people account so I cannot do the updates | there... I am moving them to moongroup.com. I will post more info later.
Alright the updates are posted. Here is the appropriate section from my yum.conf:
[updates] name=Fedora Core $releasever - $basearch - Updates baseurl=http://www.moongroup.com/fedora/
Here is the appropriate section from my /etc/sysconfig/rhn/sources:
yum updates http://www.moongroup.com/fedora/
I don't think the bandwidth will be all that great but maybe someone else might grab them and put them on a faster site.
Also... rebuilding net-snmp-5.1-2.1.src.rpm fails badly. Here is the error:
gcc -I/usr/include/rpm -DINET6 -O2 -g -pipe -Dlinux -I/usr/include/rpm
- -o .libs/snmpd snmpd.o ./.libs/libnetsnmpagent.so
./.libs/libnetsnmpmibs.so helpers/.libs/libnetsnmphelpers.so
- -L/usr/lib/lib -lwrap ../snmplib/.libs/libnetsnmp.so -ldl -lrpm -lrpmio
/usr/lib/libpopt.so -lbz2 -lz -lcrypto -lelf -lm -Wl,--rpath -Wl,/usr/lib64 /usr/lib/libpopt.so: could not read symbols: Invalid operation collect2: ld returned 1 exit status make[1]: *** [snmpd] Error 1 make[1]: Leaving directory `/home/csm/redhat/BUILD/net-snmp-5.1/agent' make: *** [subdirs] Error 1 error: Bad exit status from /var/tmp/rpm-tmp.54899 (%build)
RPM build errors: ~ Bad exit status from /var/tmp/rpm-tmp.54899 (%build)
I bugzilla'd this already but I have no time to fool around with it as I am off to Boston tomorrow morning for a couple of days.
csm Lunar Linux Project Lead Disclaimer: "I am not a curmudgeon! No... really..." Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAFz5/q3bny/5+GAcRAtdpAJ9EFJJYt2uh1lpP0HZ5vebh75SCEgCfbuKL zzHbOQDZJKbe72Gwf7u6NPI= =C+vx -----END PGP SIGNATURE-----
--__--__--
Message: 12 Subject: Fedora Bug Day Tomorrow: Jan 28th 2004: Bugzilla versus Mothra From: Jef Spaleta jspaleta@princeton.edu To: fedora-test-list@redhat.com Date: Tue, 27 Jan 2004 23:57:55 -0500 Reply-To: fedora-test-list@redhat.com
--=-iP9yOI8cU8wOr/fDq6UL Content-Type: text/plain Content-Transfer-Encoding: quoted-printable
What:=20 Fedora Bug Day: General Fedora Triage=20
Why: =20 Bugs bad...Closing bugs good
Who: =20 Everybody and anybody who wants to help developers make better use of their time. Programming experience, isn't necessary to make a worthwhile contribution to the triaging effort. But programmers are welcome to. Who knows you might even stumble on a bug you can fix by submitting your own patch! For the rest of us, just digging into bugzilla and finding bugreports to mark as duplicates can help save developers some time.
How: =20 Simply pick an existing Fedora Core bug to triage, jump on the=20 #fedora-bugs during the stated times on Weds Jan 28th and convince me that the bug should be closed or marked up as a high priority for review.=20 When:=20 Jan 28th 9am EST (or right after i get my first cup of coffee) to let's say 6pm-ish EST (right before my wife tells me I need to drive her home from work). Allow of course for some gaps in between when my boss and found my hiding place and needs me to do something.
No Clue What I'm talking about when I say the phrase Fedora Triage? Take a quick look at the fedora-triage-list archives: https://lists.dulug.duke.edu/pipermail/fedora-triage-list/ These messages should hopefully tell you what its all about in more detail: http://tinyurl.com/ywma3 - Summary of my vision for Fedora Triage http://tinyurl.com/23alw - My short term goals and long term plans
-jef"technically I got this email out on Tuesday"spaleta
--=-iP9yOI8cU8wOr/fDq6UL Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQBAF0FTrWLDmRitRZURAlsYAJ9N0nEIW3BMo0aERFlPplEotS6cwwCePX4D i1Bfy1lo4DR42U5/IOyPwTU= =FBMi -----END PGP SIGNATURE-----
--=-iP9yOI8cU8wOr/fDq6UL--
--__--__--
Message: 13 Subject: anyone using raid?> From: jason pearl jpearl24@cox.net To: fedora-test-list@redhat.com Organization: Date: 27 Jan 2004 23:09:39 -0700 Reply-To: fedora-test-list@redhat.com
--=-UgkAD6RAneCWi3GtM/nP Content-Type: text/plain Content-Transfer-Encoding: quoted-printable
is anyone using a raid card like highpoint rocketraid 454 and have it working? I can only get it to work on redhat 9 can anyone give me some info. i have not found anything at websites. thanks=20 jason
--=-UgkAD6RAneCWi3GtM/nP Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQBAF1IiaxRK6/F2TDoRAubfAJ9GZp5FqJL++ahUqX7IVTHYa86WYACfQNri R1v4EhcWVFKAH3PbnPpNv08= =2azl -----END PGP SIGNATURE-----
--=-UgkAD6RAneCWi3GtM/nP--
--__--__--
Message: 14 Date: Wed, 28 Jan 2004 09:48:16 +0100 From: Michael Schwendt ms-nospam-0306@arcor.de To: fedora-test-list@redhat.com Subject: Re: test Reply-To: fedora-test-list@redhat.com
On Tue, 27 Jan 2004 17:20:22 -0500, Chuck Mead wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
rod@dickersonbiz.xxx wrote: | The message contains Unicode characters and has been sent as a binary attachment.
bwaaaaaaaaaaaaaaaaahahahahahaha!
Stupid viruses...
I disagree. Actually, they've become more clever with recent incarnations. Fetching valid e-mail addresses from address books or harvesting new addresses from existing mail folders _is_ clever. I could puke everytime I realize one of my addresses has been abused by a virus on some infected system somewhere on the Internet and when I receive bounced messages or quarantine notifications (which are much more stupid than the virus).
--
--__--__--
Message: 15 From: Dennis Gilmore dennis@ausil.us To: fedora-test-list@redhat.com Subject: Re: test Date: Wed, 28 Jan 2004 18:56:00 +1000 Reply-To: fedora-test-list@redhat.com
--Boundary-02=_nk3FARKTmyn8X6a Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline
Once upon a time Wednesday 28 January 2004 6:48 pm, Michael Schwendt wrote:
<snip> > > I disagree. Actually, they've become more clever with recent > incarnations. Fetching valid e-mail addresses from address books or > harvesting new addresses from existing mail folders _is_ clever. I could > puke everytime I realize one of my addresses has been abused by a virus on > some infected system somewhere on the Internet and when I receive bounced > messages or quarantine notifications (which are much more stupid than the > virus). > > --
I know what your saying ive been getting a few of these on a domain i used = to=20 manage. it was good to see clamav got it in its definitions quickly.
though it is a good indication that we need something like mailscanner or=20 amavais in Fedora somewhere.=20
Dennis
--Boundary-02=_nk3FARKTmyn8X6a Content-Type: application/pgp-signature Content-Description: signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQBAF3knGQLnD7l8/OERAhxRAJ42YqGS2rzDzsJGZU4R0/gFYU0kQACeOPQn zHm0zZd9cn+MVzf+cVjbMKQ= =3Gwk -----END PGP SIGNATURE-----
--Boundary-02=_nk3FARKTmyn8X6a--
--__--__--
Message: 16 Date: Wed, 28 Jan 2004 12:04:48 +0100 From: "shrek-m@gmx.de" shrek-m@gmx.de To: fedora-test-list@redhat.com Subject: a Mail virus Scanner (was Re: test) Reply-To: fedora-test-list@redhat.com
Dennis Gilmore wrote:
though it is a good indication that we need something like mailscanner or amavais in Fedora somewhere.
my experiences:
http://www.amavis.org/ i tried it ~2 years agoo, i wasnt impressed and removed it.
http://mailscanner.info i tried it ~1/2 year agoo, i was impressed. easy to install, upgrade, configure, ...
./install.sh [no problems] # chkconfig sendmail off # service sendmail stop # chkconfig MailScanner on # service MailScanner start
# upgrade_MailScanner_conf
# rpm -q mailscanner mailscanner-4.26.5-1
# rpm -q --changelog mailscanner | grep redhat
- Fr Jul 19 2002 Richard Keech rkeech@redhat.com
# grep ^[a-zA-Z] /etc/MailScanner/MailScanner.conf [......]
eg.
# grep ^[a-zA-Z] /etc/MailScanner/MailScanner.conf | grep -i virus Virus Scanning = yes Virus Scanners = sophos Virus Scanner Timeout = 300 Silent Viruses = HTML-IFrame All-Viruses Still Deliver Silent Viruses = yes Deleted Virus Message Report = %report-dir%/deleted.virus.message.txt Stored Virus Message Report = %report-dir%/stored.virus.message.txt Sender Virus Report = %report-dir%/sender.virus.report.txt Notify Senders Of Viruses = no Virus Modify Subject = yes Virus Subject Text = {Virus?} Notice Signature = -- \nMailScanner\nEmail Virus Scanner\nwww.mailscanner.info Virus Scanner Definitions = %etc-dir%/virus.scanners.conf
$ grep ^[a-zA-Z] /etc/MailScanner/MailScanner.conf | grep -i spam Spam Header = X-%org-name%-MailScanner-SpamCheck: Spam Score Header = X-%org-name%-MailScanner-SpamScore: Spam Score Character = s SpamScore Number Instead Of Stars = no Detailed Spam Report = yes Include Scores In SpamAssassin Report = yes Spam Modify Subject = yes Spam Subject Text = {Spam?} High Scoring Spam Modify Subject = yes High Scoring Spam Subject Text = {Spam?} Spam List Definitions = %etc-dir%/spam.lists.conf Spam Checks = yes Spam List = ORDB-RBL Infinite-Monkeys # MAPS-RBL+ costs money (except .ac.uk) Spam Domain List = Spam Lists To Reach High Score = 5 Spam List Timeout = 10 Max Spam List Timeouts = 7 Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules Is Definitely Spam = no Definite Spam Is High Scoring = no Use SpamAssassin = yes Max SpamAssassin Size = 90000 Required SpamAssassin Score = 5 High SpamAssassin Score = 20 SpamAssassin Auto Whitelist = no SpamAssassin Prefs File = %etc-dir%/spam.assassin.prefs.conf SpamAssassin Timeout = 40 Max SpamAssassin Timeouts = 20 Check SpamAssassin If On Spam List = yes Always Include SpamAssassin Report = yes Spam Score = yes Spam Actions = deliver High Scoring Spam Actions = deliver Non Spam Actions = deliver Sender Spam Report = %report-dir%/sender.spam.report.txt Sender Spam List Report = %report-dir%/sender.spam.rbl.report.txt Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt Inline Spam Warning = %report-dir%/inline.spam.warning.txt Recipient Spam Report = %report-dir%/recipient.spam.report.txt Log Spam = no Log Non Spam = no SpamAssassin User State Dir = SpamAssassin Install Prefix = SpamAssassin Site Rules Dir = /etc/mail/spamassassin SpamAssassin Local Rules Dir = SpamAssassin Default Rules Dir = Debug SpamAssassin = no
-- shrek-m
--__--__--
Message: 17 From: "Denis Croombs" denis@croombs.org To: fedora-test-list@redhat.com Subject: Re: a Mail virus Scanner (was Re: test) Date: Wed, 28 Jan 2004 11:22:16 -0000 Reply-To: fedora-test-list@redhat.com
though it is a good indication that we need something like mailscanner
or
amavais in Fedora somewhere.
http://mailscanner.info i tried it ~1/2 year agoo, i was impressed. easy to install, upgrade, configure, ...
I can also support mailscanner, I have it on lots of systems and my customers systems and it is simply the very best I have come across. Also the support on the email list is also very good.
Denis Croombs www.just-servers.co.uk www.just-hosting.net
On Wed, Jan 28, 2004 at 12:26:16PM -0500, Rod Dickerson wrote:
Hey- normally I don't get too excited about viruses b/c I use postfix and no windows clients.... but I saw a reply in here that said it came from me. Since I have not sent anything to the list is a long while I am worried... Can someone please do me a favor and check the headers and see if it really did come from rod@dickersonbiz.com or if that is the virus playing games again???? Thanks and sorry if it was me...
I doubt it was from you. These days, most email Trojans scan the address book of the victim's copy of Outlook, and use it as a source of email addresses. Not only do they send to that list, but they masquerade as having come from those addresses.
As a point of netiquette, when replying please trim the quoted material. This was a 30KB message for one paragraph of payload. Thanks