Mail Archives: cygwin/2016/06/09/23:04:03

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2016/06/09/23:04:03

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; q=dns; s=default; b=eS4kDKnTGHP6botF

PamEBsEFgBedccCVhcIRNA8QBs4sdSrzmtXiKpLJYTnAz/6zx8zouCG7y01RD2ul

IqH7bwUHiKp0gkrj3CIk2fjHHRCvb8UXcD9h7s4U+/j9YSkg7Ai7ZNv1B0guiQo3

Afw7HOJRABJH113G2MXiK4rn8PE=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; s=default; bh=u6UOlqOzChnaDTVHtv8W3Z

Hm5PA=; b=DcAsJemS2mEX5lx+j4gkiO71g+gz12eXLLuK7GAkVuimeORIFxxkxy

uFgTN2ZXmlDkw8SRN1FHpT+CrdUFvigIGuxlFNj4G7KsVyQZRl4vrnlDSPFlGXX9

NDfKo1nQBDNOroirPR7cB5cBSDXJ4JbDQKZrOYSu5LbkaVOxQ5cCQ=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=0.1 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=H*r:8.14.3, H*F:D*com.au, Junk, H*MI:sk:d5500ad

X-HELO: mail12.chariot.com.au

X-TPG-Junk-Checked: Yes

X-TPG-Junk-Status: Message not scanned because user authenticated using SMTP AUTH

X-TPG-Abuse: host=115-64-186-239.tpgi.com.au; ip=115.64.186.239; date=Fri, 10 Jun 2016 13:03:30 +1000; auth=4S7opPLCSxE/DW/A69qh0CgGp2IG7MxmiWxTU9nYdW8=

Subject: Re: malware

To: cygwin AT cygwin DOT com

References: <0D835E9B9CD07F40A48423F80D3B5A7039D920C3 AT USA7109MB022 DOT na DOT xerox DOT net> <3227b657-3712-966a-45ed-2bdd0d96d7c3 AT gmail DOT com> <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg AT mail DOT gmail DOT com> <CAKepmai4bt1L_t+YKADFv0wX=MeNUM_D5h0iTCWFRqw=hzc5Qw AT mail DOT gmail DOT com> <c8b4fa97-b7ed-c071-da55-e7246e1a0316 AT gmail DOT com> <20160609161421 DOT GA15058 AT calimero DOT vinschen DOT de> <d5500adf-36c1-50a9-b4b4-af66dec8ede7 AT tiscali DOT co DOT uk>

From: Mike Fahlbusch <mcf AT cobweb DOT com DOT au>

Message-ID: <39326e01-31a6-c048-4530-1290b9102e83@cobweb.com.au>

Date: Fri, 10 Jun 2016 12:33:30 +0930

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1

MIME-Version: 1.0

In-Reply-To: <d5500adf-36c1-50a9-b4b4-af66dec8ede7@tiscali.co.uk>

X-IsSubscribed: yes

Hi Cygwinners,

On 10/06/2016 3:19 AM, David Stacey wrote:
> On 09/06/16 17:14, Corinna Vinschen wrote:
>> On Jun  9 18:02, Marco Atzeri wrote:
>>> On 09/06/2016 17:52, Jack Adrian Zappa wrote:
>>>> Are you referring to the 83.dotm file?  Looks highly suspicious.  o.O
>>>>
>>> It is clearly spam or worse.
>>>
>>> But some of them will always pass whatever filter the cygwin mail
>>> server is implementing.
>>> Some of them are reaching any mailbox also company's one.
>> I can only agree with Marco.  Sourceware is running an agressive spam
>> assassin and what not which gets constantly upgraded and fed with known
>> spam regulary to hone the filters.  However, there's*no*  way it will
>> always catch all spam or virus or worm.  If so, it would probably also
>> catch lots of legit mails.
>
>
> In fairness to the Sourceware mail filter, VirusTotal isn't decided on
> whether the file is malevolent or not [1]. At present, all of the major
> commercial AV tools pass it as clean. If it turns out to be something
> unpleasant then we should request the postmaster delete the mail from
> the archives.

The more people click on the Junk button, the better!

-- 

Regards,
        Mike


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=eS4kDKnTGHP6botF
	PamEBsEFgBedccCVhcIRNA8QBs4sdSrzmtXiKpLJYTnAz/6zx8zouCG7y01RD2ul
	IqH7bwUHiKp0gkrj3CIk2fjHHRCvb8UXcD9h7s4U+/j9YSkg7Ai7ZNv1B0guiQo3
	Afw7HOJRABJH113G2MXiK4rn8PE=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=u6UOlqOzChnaDTVHtv8W3Z
	Hm5PA=; b=DcAsJemS2mEX5lx+j4gkiO71g+gz12eXLLuK7GAkVuimeORIFxxkxy
	uFgTN2ZXmlDkw8SRN1FHpT+CrdUFvigIGuxlFNj4G7KsVyQZRl4vrnlDSPFlGXX9
	NDfKo1nQBDNOroirPR7cB5cBSDXJ4JbDQKZrOYSu5LbkaVOxQ5cCQ=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=0.1 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=Hr:8.14.3, HF:Dcom.au, Junk, HMI:sk:d5500ad
X-HELO:	mail12.chariot.com.au
X-TPG-Junk-Checked:	Yes
X-TPG-Junk-Status:	Message not scanned because user authenticated using SMTP AUTH
X-TPG-Abuse:	host=115-64-186-239.tpgi.com.au; ip=115.64.186.239; date=Fri, 10 Jun 2016 13:03:30 +1000; auth=4S7opPLCSxE/DW/A69qh0CgGp2IG7MxmiWxTU9nYdW8=
Subject:	Re: malware
To:	cygwin AT cygwin DOT com
References:	<0D835E9B9CD07F40A48423F80D3B5A7039D920C3 AT USA7109MB022 DOT na DOT xerox DOT net> <3227b657-3712-966a-45ed-2bdd0d96d7c3 AT gmail DOT com> <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg AT mail DOT gmail DOT com> <CAKepmai4bt1L_t+YKADFv0wX=MeNUM_D5h0iTCWFRqw=hzc5Qw AT mail DOT gmail DOT com> <c8b4fa97-b7ed-c071-da55-e7246e1a0316 AT gmail DOT com> <20160609161421 DOT GA15058 AT calimero DOT vinschen DOT de> <d5500adf-36c1-50a9-b4b4-af66dec8ede7 AT tiscali DOT co DOT uk>
From:	Mike Fahlbusch <mcf AT cobweb DOT com DOT au>
Message-ID:	<39326e01-31a6-c048-4530-1290b9102e83@cobweb.com.au>
Date:	Fri, 10 Jun 2016 12:33:30 +0930
User-Agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1
MIME-Version:	1.0
In-Reply-To:	<d5500adf-36c1-50a9-b4b4-af66dec8ede7@tiscali.co.uk>
X-IsSubscribed:	yes