Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
testvirus.org test #24 - partial vulnerability
- Thread starter wfbtr
- Start date
cmeagan656
Technical User
I just tried it using CA's InoculateIT v6.0 but it never made it that far. Our spam filter, XWall, picked it up as an exploit.
Cheers.
Cheers.
devastator
IS-IT--Management
Well at first i caught them all because the reply email got blocked as SPAM.
Then when i excluded TESTVIRUS.org the following emails appeared.
Test 23, 19, 17, 14, 5, and 4.
We run Symantec Corp Edition for Exchange and PC Workstation clients as well as a version for MAC's. (which i ran the test to). We also run a CMD line scanner from McAfee. I am assumming our SPAM filter caught the one yours missed since it reassembles messages before forwarding them on to the Exchange Server.
Interesting results though.
Then when i excluded TESTVIRUS.org the following emails appeared.
Test 23, 19, 17, 14, 5, and 4.
We run Symantec Corp Edition for Exchange and PC Workstation clients as well as a version for MAC's. (which i ran the test to). We also run a CMD line scanner from McAfee. I am assumming our SPAM filter caught the one yours missed since it reassembles messages before forwarding them on to the Exchange Server.
Interesting results though.
devastator
IS-IT--Management
Yeah but if you allow it through X-Wall (TESTVIRUS.org) then see what happens. I use X-Wall as well.
devastator
IS-IT--Management
Just to be complete got my SPAM / Virus report from ESAT and 11 emails were blocked as viruses, another 3 that were let got past McAfee to the Exchange Server got caught in Symantec Mail Security for Exchange. 6 got blocked by X-Wall as exploits and of course 6 made it to my inbox.
- Thread starter
- #6
devastator
IS-IT--Management
Yeah was blocked by X-Wall under the option of "Format" Reassemble message ( removes malformed attachment encoding)
- Thread starter
- #8
cmeagan656
Technical User
devastator,
When I have XWall allow #24 through it gets through InoculateIT too. :-(
Oh well, as long as XWall catches it before it hits our exchange server.
If I have XWall block exploits and certain level 1 attachments and InoculateIT blocking all level 1 attachments then only 4, 16, and 17 get through.
BTW, InoculateIT caught #23 and 19.
I'm testing using my postmaster account which is exempt from XWall except for attachments, exploits, and internal from.
Cheers.
Cheers.
When I have XWall allow #24 through it gets through InoculateIT too. :-(
Oh well, as long as XWall catches it before it hits our exchange server.
If I have XWall block exploits and certain level 1 attachments and InoculateIT blocking all level 1 attachments then only 4, 16, and 17 get through.
BTW, InoculateIT caught #23 and 19.
I'm testing using my postmaster account which is exempt from XWall except for attachments, exploits, and internal from.
Cheers.
Cheers.
cmeagan656
Technical User
Our #24 got caught as an exploit by XWAll. (Block partial attachment (message partial)).
Cheers.
Cheers.
- Status
Similar threads
- Locked
- Question
- Locked
- Question