public inbox for cygwin@cygwin.com
* malware
@ 2016-06-09 15:08 Nellis, Kenneth
  2016-06-09 15:49 ` malware Marco Atzeri
  0 siblings, 1 reply; 9+ messages in thread
From: Nellis, Kenneth @ 2016-06-09 15:08 UTC (permalink / raw)
  To: cygwin

Dear Cygwin,
A little supposition here, but it appears that the recent posting 
from Viverra Inc. contained a malicious attachment, as detected by 
my company's e-mail malware detection as it intercepted the recent 
digest. I need now to appeal to them to allow me to continue 
receiving e-mail from you. Cygwin has provided me invaluable tools 
to do my software development work, so I hope this matter is 
resolved promptly with my company. Meanwhile I ask that you review 
your spam detection to minimize impact on me and others in my 
situation.
--Ken Nellis

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


* Re: malware
  2016-06-09 15:08 malware Nellis, Kenneth
@ 2016-06-09 15:49 ` Marco Atzeri
       [not found]   ` <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com>
  0 siblings, 1 reply; 9+ messages in thread
From: Marco Atzeri @ 2016-06-09 15:49 UTC (permalink / raw)
  To: cygwin

On 09/06/2016 17:08, Nellis, Kenneth wrote:
> Dear Cygwin,
> A little supposition here, but it appears that the recent posting
> from Viverra Inc. contained a malicious attachment, as detected by
> my company's e-mail malware detection as it intercepted the recent
> digest. I need now to appeal to them to allow me to continue
> receiving e-mail from you. Cygwin has provided me invaluable tools
> to do my software development work, so I hope this matter is
> resolved promptly with my company. Meanwhile I ask that you review
> your spam detection to minimize impact on me and others in my
> situation.
> --Ken Nellis
>

In general, I suggest you not use the company's e-mail
for mailing lists.

The spam detection is never 100% accurate, something
will always pass through and something will be falsely detected.

My company's spam filter sometimes reports internal
automatic mails as spam and doesn't catch real spam.

Regards
Marco



* Re: malware
       [not found]   ` <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com>
@ 2016-06-09 15:52     ` Jack Adrian Zappa
  2016-06-09 16:02       ` malware Marco Atzeri
  0 siblings, 1 reply; 9+ messages in thread
From: Jack Adrian Zappa @ 2016-06-09 15:52 UTC (permalink / raw)
  To: cygwin

Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O


A

On Thu, Jun 9, 2016 at 11:51 AM, Jack Adrian Zappa
<adrianh.bsc@gmail.com> wrote:
> Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>
>
> A
>
> On Thu, Jun 9, 2016 at 11:48 AM, Marco Atzeri <marco.atzeri@gmail.com>
> wrote:
>>
>> On 09/06/2016 17:08, Nellis, Kenneth wrote:
>>>
>>> Dear Cygwin,
>>> A little supposition here, but it appears that the recent posting
>>> from Viverra Inc. contained a malicious attachment, as detected by
>>> my company's e-mail malware detection as it intercepted the recent
>>> digest. I need now to appeal to them to allow me to continue
>>> receiving e-mail from you. Cygwin has provided me invaluable tools
>>> to do my software development work, so I hope this matter is
>>> resolved promptly with my company. Meanwhile I ask that you review
>>> your spam detection to minimize impact on me and others in my
>>> situation.
>>> --Ken Nellis
>>>
>>
>> In general, I suggest you to not use the company's e-mail
>> for mailing lists.
>>
>> The spam detection is never 100% accurate, something
>> will always pass through and something will be falsely detected.
>>
>> My company's spammer filter sometimes report internal
>> automatic mails as spam and don't catch real spam.
>>
>> Regards
>> Marco
>>
>>
>>
>> --
>> Problem reports:       http://cygwin.com/problems.html
>> FAQ:                   http://cygwin.com/faq/
>> Documentation:         http://cygwin.com/docs.html
>> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>>
>


* Re: malware
  2016-06-09 15:52     ` malware Jack Adrian Zappa
@ 2016-06-09 16:02       ` Marco Atzeri
  2016-06-09 16:14         ` malware Corinna Vinschen
  0 siblings, 1 reply; 9+ messages in thread
From: Marco Atzeri @ 2016-06-09 16:02 UTC (permalink / raw)
  To: cygwin

On 09/06/2016 17:52, Jack Adrian Zappa wrote:
> Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>

It is clearly spam or worse.

But some of them will always pass whatever filter the cygwin mail
server is implementing.
Some of them are reaching any mailbox, also the company's one.

Regards
Marco





* Re: malware
  2016-06-09 16:02       ` malware Marco Atzeri
@ 2016-06-09 16:14         ` Corinna Vinschen
  2016-06-09 17:19           ` malware Erik Soderquist
                             ` (2 more replies)
  0 siblings, 3 replies; 9+ messages in thread
From: Corinna Vinschen @ 2016-06-09 16:14 UTC (permalink / raw)
  To: cygwin


On Jun  9 18:02, Marco Atzeri wrote:
> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
> > Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
> > 
> 
> It is clearly spam or worse.
> 
> But some of them will always pass whatever filter the cygwin mail
> server is implementing.
> Some of them are reaching any mailbox also company's one.

I can only agree with Marco.  Sourceware is running an aggressive spam
assassin and what not which gets constantly upgraded and fed with known
spam regularly to hone the filters.  However, there's *no* way it will
always catch all spam or virus or worm.  If so, it would probably also
catch lots of legit mails.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat


* Re: malware
  2016-06-09 16:14         ` malware Corinna Vinschen
@ 2016-06-09 17:19           ` Erik Soderquist
  2016-06-09 17:49           ` malware David Stacey
  2016-06-10  1:20           ` malware Andrey Repin
  2 siblings, 0 replies; 9+ messages in thread
From: Erik Soderquist @ 2016-06-09 17:19 UTC (permalink / raw)
  To: cygwin

On Thu, Jun 9, 2016 at 12:14 PM, Corinna Vinschen wrote:
> On Jun  9 18:02, Marco Atzeri wrote:
>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>> > Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>> >
>>
>> It is clearly spam or worse.
>>
>> But some of them will always pass whatever filter the cygwin mail
>> server is implementing.
>> Some of them are reaching any mailbox also company's one.
>
> I can only agree with Marco.  Sourceware is running an aggressive spam
> assassin and what not which gets constantly upgraded and fed with known
> spam regularly to hone the filters.  However, there's *no* way it will
> always catch all spam or virus or worm.  If so, it would probably also
> catch lots of legit mails.


If ever anyone develops a "perfect" filter, someone else will develop
a way to get past it, and it will no longer be "perfect"... a
continuous cat & mouse game that will continue until the profit from
spam/virus/worm infiltration is permanently ended or the universe
implodes on itself... and I'm not sure the second scenario would
actually end it...

-- Erik


* Re: malware
  2016-06-09 16:14         ` malware Corinna Vinschen
  2016-06-09 17:19           ` malware Erik Soderquist
@ 2016-06-09 17:49           ` David Stacey
  2016-06-10  4:18             ` malware Mike Fahlbusch
  2016-06-10  1:20           ` malware Andrey Repin
  2 siblings, 1 reply; 9+ messages in thread
From: David Stacey @ 2016-06-09 17:49 UTC (permalink / raw)
  To: cygwin

On 09/06/16 17:14, Corinna Vinschen wrote:
> On Jun  9 18:02, Marco Atzeri wrote:
>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>>> Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>>>
>> It is clearly spam or worse.
>>
>> But some of them will always pass whatever filter the cygwin mail
>> server is implementing.
>> Some of them are reaching any mailbox also company's one.
> I can only agree with Marco.  Sourceware is running an aggressive spam
> assassin and what not which gets constantly upgraded and fed with known
> spam regularly to hone the filters.  However, there's *no* way it will
> always catch all spam or virus or worm.  If so, it would probably also
> catch lots of legit mails.


In fairness to the Sourceware mail filter, VirusTotal isn't decided on 
whether the file is malevolent or not [1]. At present, all of the major 
commercial AV tools pass it as clean. If it turns out to be something 
unpleasant then we should request the postmaster delete the mail from 
the archives.

Dave.

[1] - https://www.virustotal.com/en/file/f2611880cfe199ef43f9de6d4b54c2fae06164a5ec2d321db086cab324954c6d/analysis/



* Re: malware
  2016-06-09 16:14         ` malware Corinna Vinschen
  2016-06-09 17:19           ` malware Erik Soderquist
  2016-06-09 17:49           ` malware David Stacey
@ 2016-06-10  1:20           ` Andrey Repin
  2 siblings, 0 replies; 9+ messages in thread
From: Andrey Repin @ 2016-06-10  1:20 UTC (permalink / raw)
  To: Corinna Vinschen, cygwin

Greetings, Corinna Vinschen!

> On Jun  9 18:02, Marco Atzeri wrote:
>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>> > Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>> > 
>> 
>> It is clearly spam or worse.
>> 
>> But some of them will always pass whatever filter the cygwin mail
>> server is implementing.
>> Some of them are reaching any mailbox also company's one.

> I can only agree with Marco.  Sourceware is running an aggressive spam
> assassin and what not which gets constantly upgraded and fed with known
> spam regularly to hone the filters.  However, there's *no* way it will
> always catch all spam or virus or worm.  If so, it would probably also
> catch lots of legit mails.

It already does the latter regularly. :(
I.e. I don't see at least one of my latest mails to the list. But I do see a
reply to it, presumably sent in reply to a CC'd copy because of the addressee
not being properly subscribed to the list.


-- 
With best regards,
Andrey Repin
Friday, June 10, 2016 04:04:53

Sorry for my terrible english...



* Re: malware
  2016-06-09 17:49           ` malware David Stacey
@ 2016-06-10  4:18             ` Mike Fahlbusch
  0 siblings, 0 replies; 9+ messages in thread
From: Mike Fahlbusch @ 2016-06-10  4:18 UTC (permalink / raw)
  To: cygwin

Hi Cygwinners,

On 10/06/2016 3:19 AM, David Stacey wrote:
> On 09/06/16 17:14, Corinna Vinschen wrote:
>> On Jun  9 18:02, Marco Atzeri wrote:
>>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>>>> Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>>>>
>>> It is clearly spam or worse.
>>>
>>> But some of them will always pass whatever filter the cygwin mail
>>> server is implementing.
>>> Some of them are reaching any mailbox also company's one.
>> I can only agree with Marco.  Sourceware is running an aggressive spam
>> assassin and what not which gets constantly upgraded and fed with known
>> spam regularly to hone the filters.  However, there's *no* way it will
>> always catch all spam or virus or worm.  If so, it would probably also
>> catch lots of legit mails.
>
>
> In fairness to the Sourceware mail filter, VirusTotal isn't decided on
> whether the file is malevolent or not [1]. At present, all of the major
> commercial AV tools pass it as clean. If it turns out to be something
> unpleasant then we should request the postmaster delete the mail from
> the archives.

The more people click on the Junk button, the better!

-- 

Regards,
        Mike

