From: David Stacey <drstacey@tiscali.co.uk>
To: cygwin@cygwin.com
Subject: Re: malware
Date: Thu, 09 Jun 2016 17:49:00 -0000 [thread overview]
Message-ID: <d5500adf-36c1-50a9-b4b4-af66dec8ede7@tiscali.co.uk> (raw)
In-Reply-To: <20160609161421.GA15058@calimero.vinschen.de>
On 09/06/16 17:14, Corinna Vinschen wrote:
> On Jun 9 18:02, Marco Atzeri wrote:
>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>>> Are you referring to the 83.dotm file? Looks highly suspicious. o.O
>>>
>> It is clearly spam or worse.
>>
>> But some of them will always pass whatever filter the cygwin mail
>> server is implementing.
>> Some of them are reaching any mailbox also company's one.
> I can only agree with Marco. Sourceware is running an agressive spam
> assassin and what not which gets constantly upgraded and fed with known
> spam regulary to hone the filters. However, there's*no* way it will
> always catch all spam or virus or worm. If so, it would probably also
> catch lots of legit mails.
In fairness to the Sourceware mail filter, VirusTotal isn't decided on
whether the file is malevolent or not [1]. At present, all of the major
commercial AV tools pass it as clean. If it turns out to be something
unpleasant then we should request the postmaster delete the mail from
the archives.
Dave.
[1] -
https://www.virustotal.com/en/file/f2611880cfe199ef43f9de6d4b54c2fae06164a5ec2d321db086cab324954c6d/analysis/
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2016-06-09 17:49 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-09 15:08 malware Nellis, Kenneth
2016-06-09 15:49 ` malware Marco Atzeri
[not found] ` <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg@mail.gmail.com>
2016-06-09 15:52 ` malware Jack Adrian Zappa
2016-06-09 16:02 ` malware Marco Atzeri
2016-06-09 16:14 ` malware Corinna Vinschen
2016-06-09 17:19 ` malware Erik Soderquist
2016-06-09 17:49 ` David Stacey [this message]
2016-06-10 4:18 ` malware Mike Fahlbusch
2016-06-10 1:20 ` malware Andrey Repin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d5500adf-36c1-50a9-b4b4-af66dec8ede7@tiscali.co.uk \
--to=drstacey@tiscali.co.uk \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).