From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 42164 invoked by alias); 30 Jun 2018 17:14:10 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 41627 invoked by uid 89); 30 Jun 2018 17:14:09 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=bounces, calgary, Alberta, inglis X-HELO: smtp-out-so.shaw.ca Received: from smtp-out-so.shaw.ca (HELO smtp-out-so.shaw.ca) (64.59.136.138) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 30 Jun 2018 17:14:07 +0000 Received: from [192.168.1.100] ([24.64.240.204]) by shaw.ca with ESMTP id ZJRkfKBhVTecGZJRlfF6a5; Sat, 30 Jun 2018 11:14:05 -0600 Reply-To: Brian.Inglis@SystematicSw.ab.ca Subject: Re: cygwin Digest 25 Jun 2018 00:46:06 -0000 Issue 10882 - virus alert To: cygwin@cygwin.com References: <2a0f4eac-9a37-0196-d072-4f5483557862@tiscali.co.uk> From: Brian Inglis Openpgp: preference=signencrypt Message-ID: Date: Sat, 30 Jun 2018 20:47:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 In-Reply-To: <2a0f4eac-9a37-0196-d072-4f5483557862@tiscali.co.uk> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2018-06/txt/msg00326.txt.bz2 On 2018-06-30 10:09, David Stacey wrote: > On 30/06/18 13:19, Richard Watt wrote: >> Did anyone else get a virus warning from the cygwin Digest 25 Jun 2018 >> 00:46:06 -0000 Issue 10882? > It's an unsolicited invoice from someone you've never heard of. Of course it's > malware :-) > It's an attachment to this post [1], compressed with gzip. The compressed > version passes through VirusTotal cleanly. If you unpack the file, though, you > discover that it isn't a PDF at all (surprise, surprise) but a .NET executable. > And quite a few anti-virus tools flag it as something unpleasant [2]. I get sourceware ezmlm bounce warnings, when my domain mail forwarder bounces mail with malware, and I don't see most of the spam, as my personal ISP account filter is configured to dump spam instead of flagging it. I don't see a few announce posts, as some appear to get dumped by my ISP as spam, and my mail client puts some other posts into my Junk folder. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple