lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1075191288.17226.10.camel@Star.BerthoudWireless.net>
From: security at 303underground.com (Scott Taylor)
Subject: Status

What I find amusing is that these stupid viruses are sending the same
content out to so many people, they are already getting blocked and
encapsulated by spamassassin, even before the virus scanner. I hadn't
even realized there was a rule for executables, but I might as well go
in and boost the scores for microsoft anything. But in the meantime, I
expect we'll be seeing a lot of these "status" messages from people on
the list we don't usually hear from...


On Mon, 2004-01-26 at 23:36, jeff01@...il.unc.edu wrote:
> Content analysis details:   (7.8 points, 5.0 required)
> 
>  pts rule name              description
> ---- ---------------------- --------------------------------------------------
>  0.3 NO_REAL_NAME           From: does not include a real name
>  0.9 FROM_ENDS_IN_NUMS      From: ends in numbers
>  0.1 MICROSOFT_EXECUTABLE   RAW: Message includes Microsoft executable program
>  3.3 PYZOR_CHECK            Listed in Pyzor (http://pyzor.sf.net/)
>  1.1 RCVD_IN_SORBS_HTTP     RBL: SORBS: sender is open HTTP proxy server
>                             [61.8.110.41 listed in dnsbl.sorbs.net]
>  0.1 RCVD_IN_SORBS          RBL: SORBS: sender is listed in SORBS
>                             [61.8.110.41 listed in dnsbl.sorbs.net]
>  1.2 MISSING_MIMEOLE        Message has X-MSMail-Priority, but no X-MimeOLE
>  0.8 PRIORITY_NO_NAME       Message has priority setting, but no X-Mailer
> 
> The original message was not completely plain text, and may be unsafe to
> open with some email clients; in particular, it may contain a virus,
> or confirm that your address can receive spam.  If you wish to view
> it, it may be safer to save it to a file and open it with an editor.

--
Scott Taylor - <security@...underground.com> 

BOFH Excuse #36:

dynamic software linking table corrupted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ