X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=eS4kDKnTGHP6botF PamEBsEFgBedccCVhcIRNA8QBs4sdSrzmtXiKpLJYTnAz/6zx8zouCG7y01RD2ul IqH7bwUHiKp0gkrj3CIk2fjHHRCvb8UXcD9h7s4U+/j9YSkg7Ai7ZNv1B0guiQo3 Afw7HOJRABJH113G2MXiK4rn8PE= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=u6UOlqOzChnaDTVHtv8W3Z Hm5PA=; b=DcAsJemS2mEX5lx+j4gkiO71g+gz12eXLLuK7GAkVuimeORIFxxkxy uFgTN2ZXmlDkw8SRN1FHpT+CrdUFvigIGuxlFNj4G7KsVyQZRl4vrnlDSPFlGXX9 NDfKo1nQBDNOroirPR7cB5cBSDXJ4JbDQKZrOYSu5LbkaVOxQ5cCQ= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=0.1 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=H*r:8.14.3, H*F:D*com.au, Junk, H*MI:sk:d5500ad X-HELO: mail12.chariot.com.au X-TPG-Junk-Checked: Yes X-TPG-Junk-Status: Message not scanned because user authenticated using SMTP AUTH X-TPG-Abuse: host=115-64-186-239.tpgi.com.au; ip=115.64.186.239; date=Fri, 10 Jun 2016 13:03:30 +1000; auth=4S7opPLCSxE/DW/A69qh0CgGp2IG7MxmiWxTU9nYdW8= Subject: Re: malware To: cygwin AT cygwin DOT com References: <0D835E9B9CD07F40A48423F80D3B5A7039D920C3 AT USA7109MB022 DOT na DOT xerox DOT net> <3227b657-3712-966a-45ed-2bdd0d96d7c3 AT gmail DOT com>

<20160609161421 DOT GA15058 AT calimero DOT vinschen DOT de> From: Mike Fahlbusch Message-ID: <39326e01-31a6-c048-4530-1290b9102e83@cobweb.com.au> Date: Fri, 10 Jun 2016 12:33:30 +0930 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Hi Cygwinners, On 10/06/2016 3:19 AM, David Stacey wrote: > On 09/06/16 17:14, Corinna Vinschen wrote: >> On Jun 9 18:02, Marco Atzeri wrote: >>> On 09/06/2016 17:52, Jack Adrian Zappa wrote: >>>> Are you referring to the 83.dotm file? Looks highly suspicious. o.O >>>> >>> It is clearly spam or worse. >>> >>> But some of them will always pass whatever filter the cygwin mail >>> server is implementing. >>> Some of them are reaching any mailbox also company's one. >> I can only agree with Marco. Sourceware is running an agressive spam >> assassin and what not which gets constantly upgraded and fed with known >> spam regulary to hone the filters. However, there's*no* way it will >> always catch all spam or virus or worm. If so, it would probably also >> catch lots of legit mails. > > > In fairness to the Sourceware mail filter, VirusTotal isn't decided on > whether the file is malevolent or not [1]. At present, all of the major > commercial AV tools pass it as clean. If it turns out to be something > unpleasant then we should request the postmaster delete the mail from > the archives. The more people click on the Junk button, the better! -- Regards, Mike -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple