* malware @ 2016-06-09 15:08 Nellis, Kenneth 2016-06-09 15:49 ` malware Marco Atzeri 0 siblings, 1 reply; 9+ messages in thread From: Nellis, Kenneth @ 2016-06-09 15:08 UTC (permalink / raw) To: cygwin Dear Cygwin, A little supposition here, but it appears that the recent posting from Viverra Inc. contained a malicious attachment, as detected by my company's e-mail malware detection as it intercepted the recent digest. I need now to appeal to them to allow me to continue receiving e-mail from you. Cygwin has provided me invaluable tools to do my software development work, so I hope this matter is resolved promptly with my company. Meanwhile I ask that you review your spam detection to minimize impact on me and others in my situation. --Ken Nellis -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 15:08 malware Nellis, Kenneth @ 2016-06-09 15:49 ` Marco Atzeri [not found] ` <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com> 0 siblings, 1 reply; 9+ messages in thread From: Marco Atzeri @ 2016-06-09 15:49 UTC (permalink / raw) To: cygwin On 09/06/2016 17:08, Nellis, Kenneth wrote: > Dear Cygwin, > A little supposition here, but it appears that the recent posting > from Viverra Inc. contained a malicious attachment, as detected by > my company's e-mail malware detection as it intercepted the recent > digest. I need now to appeal to them to allow me to continue > receiving e-mail from you. Cygwin has provided me invaluable tools > to do my software development work, so I hope this matter is > resolved promptly with my company. Meanwhile I ask that you review > your spam detection to minimize impact on me and others in my > situation. > --Ken Nellis > In general, I suggest you to not use the company's e-mail for mailing lists. The spam detection is never 100% accurate, something will always pass through and something will be falsely detected. My company's spammer filter sometimes report internal automatic mails as spam and don't catch real spam. Regards Marco -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
[parent not found: <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com>]
* Re: malware [not found] ` <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com> @ 2016-06-09 15:52 ` Jack Adrian Zappa 2016-06-09 16:02 ` malware Marco Atzeri 0 siblings, 1 reply; 9+ messages in thread From: Jack Adrian Zappa @ 2016-06-09 15:52 UTC (permalink / raw) To: cygwin Are you referring to the 83.dotm file? Looks highly suspicious. o.O A On Thu, Jun 9, 2016 at 11:51 AM, Jack Adrian Zappa <adrianh.bsc@gmail.com> wrote: > Are you referring to the 83.dotm file? Looks highly suspicious. o.O > > > A > > On Thu, Jun 9, 2016 at 11:48 AM, Marco Atzeri <marco.atzeri@gmail.com> > wrote: >> >> On 09/06/2016 17:08, Nellis, Kenneth wrote: >>> >>> Dear Cygwin, >>> A little supposition here, but it appears that the recent posting >>> from Viverra Inc. contained a malicious attachment, as detected by >>> my company's e-mail malware detection as it intercepted the recent >>> digest. I need now to appeal to them to allow me to continue >>> receiving e-mail from you. Cygwin has provided me invaluable tools >>> to do my software development work, so I hope this matter is >>> resolved promptly with my company. Meanwhile I ask that you review >>> your spam detection to minimize impact on me and others in my >>> situation. >>> --Ken Nellis >>> >> >> In general, I suggest you to not use the company's e-mail >> for mailing lists. >> >> The spam detection is never 100% accurate, something >> will always pass through and something will be falsely detected. >> >> My company's spammer filter sometimes report internal >> automatic mails as spam and don't catch real spam. >> >> Regards >> Marco >> >> >> >> -- >> Problem reports: http://cygwin.com/problems.html >> FAQ: http://cygwin.com/faq/ >> Documentation: http://cygwin.com/docs.html >> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple >> > -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 15:52 ` malware Jack Adrian Zappa @ 2016-06-09 16:02 ` Marco Atzeri 2016-06-09 16:14 ` malware Corinna Vinschen 0 siblings, 1 reply; 9+ messages in thread From: Marco Atzeri @ 2016-06-09 16:02 UTC (permalink / raw) To: cygwin On 09/06/2016 17:52, Jack Adrian Zappa wrote: > Are you referring to the 83.dotm file? Looks highly suspicious. o.O > It is clearly spam or worse. But some of them will always pass whatever filter the cygwin mail server is implementing. Some of them are reaching any mailbox also company's one. Regards Marco -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 16:02 ` malware Marco Atzeri @ 2016-06-09 16:14 ` Corinna Vinschen 2016-06-09 17:19 ` malware Erik Soderquist ` (2 more replies) 0 siblings, 3 replies; 9+ messages in thread From: Corinna Vinschen @ 2016-06-09 16:14 UTC (permalink / raw) To: cygwin [-- Attachment #1: Type: text/plain, Size: 845 bytes --] On Jun 9 18:02, Marco Atzeri wrote: > On 09/06/2016 17:52, Jack Adrian Zappa wrote: > > Are you referring to the 83.dotm file? Looks highly suspicious. o.O > > > > It is clearly spam or worse. > > But some of them will always pass whatever filter the cygwin mail > server is implementing. > Some of them are reaching any mailbox also company's one. I can only agree with Marco. Sourceware is running an agressive spam assassin and what not which gets constantly upgraded and fed with known spam regulary to hone the filters. However, there's *no* way it will always catch all spam or virus or worm. If so, it would probably also catch lots of legit mails. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 819 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 16:14 ` malware Corinna Vinschen @ 2016-06-09 17:19 ` Erik Soderquist 2016-06-09 17:49 ` malware David Stacey 2016-06-10 1:20 ` malware Andrey Repin 2 siblings, 0 replies; 9+ messages in thread From: Erik Soderquist @ 2016-06-09 17:19 UTC (permalink / raw) To: cygwin On Thu, Jun 9, 2016 at 12:14 PM, Corinna Vinschen wrote: > On Jun 9 18:02, Marco Atzeri wrote: >> On 09/06/2016 17:52, Jack Adrian Zappa wrote: >> > Are you referring to the 83.dotm file? Looks highly suspicious. o.O >> > >> >> It is clearly spam or worse. >> >> But some of them will always pass whatever filter the cygwin mail >> server is implementing. >> Some of them are reaching any mailbox also company's one. > > I can only agree with Marco. Sourceware is running an aggressive spam > assassin and what not which gets constantly upgraded and fed with known > spam regularly to hone the filters. However, there's *no* way it will > always catch all spam or virus or worm. If so, it would probably also > catch lots of legit mails. If ever anyone develops a "perfect" filter, someone else will develop a way to get past it, and it will no longer be "perfect"... a continuous cat & mouse game that will continue until the profit from spam/virus/worm infiltration is permanently ended or the universe implodes on itself... and I'm not sure the second scenario would actually end it... -- Erik -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 16:14 ` malware Corinna Vinschen 2016-06-09 17:19 ` malware Erik Soderquist @ 2016-06-09 17:49 ` David Stacey 2016-06-10 4:18 ` malware Mike Fahlbusch 2016-06-10 1:20 ` malware Andrey Repin 2 siblings, 1 reply; 9+ messages in thread From: David Stacey @ 2016-06-09 17:49 UTC (permalink / raw) To: cygwin On 09/06/16 17:14, Corinna Vinschen wrote: > On Jun 9 18:02, Marco Atzeri wrote: >> On 09/06/2016 17:52, Jack Adrian Zappa wrote: >>> Are you referring to the 83.dotm file? Looks highly suspicious. o.O >>> >> It is clearly spam or worse. >> >> But some of them will always pass whatever filter the cygwin mail >> server is implementing. >> Some of them are reaching any mailbox also company's one. > I can only agree with Marco. Sourceware is running an agressive spam > assassin and what not which gets constantly upgraded and fed with known > spam regulary to hone the filters. However, there's*no* way it will > always catch all spam or virus or worm. If so, it would probably also > catch lots of legit mails. In fairness to the Sourceware mail filter, VirusTotal isn't decided on whether the file is malevolent or not [1]. At present, all of the major commercial AV tools pass it as clean. If it turns out to be something unpleasant then we should request the postmaster delete the mail from the archives. Dave. [1] - https://www.virustotal.com/en/file/f2611880cfe199ef43f9de6d4b54c2fae06164a5ec2d321db086cab324954c6d/analysis/ -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 17:49 ` malware David Stacey @ 2016-06-10 4:18 ` Mike Fahlbusch 0 siblings, 0 replies; 9+ messages in thread From: Mike Fahlbusch @ 2016-06-10 4:18 UTC (permalink / raw) To: cygwin Hi Cygwinners, On 10/06/2016 3:19 AM, David Stacey wrote: > On 09/06/16 17:14, Corinna Vinschen wrote: >> On Jun 9 18:02, Marco Atzeri wrote: >>> On 09/06/2016 17:52, Jack Adrian Zappa wrote: >>>> Are you referring to the 83.dotm file? Looks highly suspicious. o.O >>>> >>> It is clearly spam or worse. >>> >>> But some of them will always pass whatever filter the cygwin mail >>> server is implementing. >>> Some of them are reaching any mailbox also company's one. >> I can only agree with Marco. Sourceware is running an agressive spam >> assassin and what not which gets constantly upgraded and fed with known >> spam regulary to hone the filters. However, there's*no* way it will >> always catch all spam or virus or worm. If so, it would probably also >> catch lots of legit mails. > > > In fairness to the Sourceware mail filter, VirusTotal isn't decided on > whether the file is malevolent or not [1]. At present, all of the major > commercial AV tools pass it as clean. If it turns out to be something > unpleasant then we should request the postmaster delete the mail from > the archives. The more people click on the Junk button, the better! -- Regards, Mike -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: malware 2016-06-09 16:14 ` malware Corinna Vinschen 2016-06-09 17:19 ` malware Erik Soderquist 2016-06-09 17:49 ` malware David Stacey @ 2016-06-10 1:20 ` Andrey Repin 2 siblings, 0 replies; 9+ messages in thread From: Andrey Repin @ 2016-06-10 1:20 UTC (permalink / raw) To: Corinna Vinschen, cygwin Greetings, Corinna Vinschen! > On Jun 9 18:02, Marco Atzeri wrote: >> On 09/06/2016 17:52, Jack Adrian Zappa wrote: >> > Are you referring to the 83.dotm file? Looks highly suspicious. o.O >> > >> >> It is clearly spam or worse. >> >> But some of them will always pass whatever filter the cygwin mail >> server is implementing. >> Some of them are reaching any mailbox also company's one. > I can only agree with Marco. Sourceware is running an agressive spam > assassin and what not which gets constantly upgraded and fed with known > spam regulary to hone the filters. However, there's *no* way it will > always catch all spam or virus or worm. If so, it would probably also > catch lots of legit mails. It already does the latter regularly. :( I.e. I don't see at least one of my latest mails to the list. But I do see a reply to it, presumable sent in reply to a CC'd copy because addressee not being properly subscribed to the list. -- With best regards, Andrey Repin Friday, June 10, 2016 04:04:53 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2016-06-10 3:03 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2016-06-09 15:08 malware Nellis, Kenneth 2016-06-09 15:49 ` malware Marco Atzeri [not found] ` <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com> 2016-06-09 15:52 ` malware Jack Adrian Zappa 2016-06-09 16:02 ` malware Marco Atzeri 2016-06-09 16:14 ` malware Corinna Vinschen 2016-06-09 17:19 ` malware Erik Soderquist 2016-06-09 17:49 ` malware David Stacey 2016-06-10 4:18 ` malware Mike Fahlbusch 2016-06-10 1:20 ` malware Andrey Repin
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).