█████████████████████████████████████████████████████████████
█════█ █════█ █════█ █════█ █════█ █════█
█ █════█ █════█ █════█ █════█ █════█ █
█════█ █════█ █════█ █════█ █════█ █════█
█ █════█ █════█ █
█════█ █════█
█ D'Bridge EMAIL System █
Copyright (c) by Nick J. Andre, Ltd.

VERSION 3.99 SERVICE RELEASE 16 - DECEMBER 3 2017 -------------------------------------------------

This very minor release changes the way MSGID is computed for the D'Bridge Editor. Note that the MSGID kludge is only done for Echomail messages; the kludge is not present in NETmail messages.

At the last minute, a serious bug with TIC file handling was caught and resolved. Note that if a system is not defined in the Config-Fileecho/TIC screen, and that system sends a TIC file, the TIC and related file is moved
to BADTICS for your inspection.

No other changes were made at this time.

Nick Andre
www.net229.org

--- D'Bridge 3.99
* Origin: Darkrealms (1:229/426)

Hello Nick!

Sunday December 03 2017 11:52, you wrote to All:

Clamav (0.99.2) has reared its head again and found a false posative for this release.

This is with an up to date version of the virus files etc.

VERSION 3.99 SERVICE RELEASE 16 - DECEMBER 3 2017 -------------------------------------------------

This very minor release changes the way MSGID is computed for the
D'Bridge Editor. Note that the MSGID kludge is only done for Echomail messages; the kludge is not present in NETmail messages.

At the last minute, a serious bug with TIC file handling was caught
and resolved. Note that if a system is not defined in the Config-Fileecho/TIC screen, and that system sends a TIC file, the TIC
and related file is moved to BADTICS for your inspection.

No other changes were made at this time.

Nick Andre
www.net229.org

Vince

--- Mageia Linux v5.1/Mbse v1.0.7.4/GoldED+/LNX 1.1.501-b20150715
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

Vince,

Clamav (0.99.2) has reared its head again and found a false posative for this release.

This is with an up to date version of the virus files etc.

I would say to either live with it or dump Clamav ...

\%/@rd

--- D'Bridge 3.99
* Origin: Resist-Insist-Persist-Enlist / onwardtogether.org (2:292/854)

VERSION 3.99 SERVICE RELEASE 16 - DECEMBER 3 2017

Works here.

\%/@rd

--- D'Bridge 3.99 SR16
* Origin: Resist-Insist-Persist-Enlist / onwardtogether.org (2:292/854)

* An ongoing debate between Vince Coen and Nick Andre rages on ...

Clamav (0.99.2) has reared its head again and found a false posative
for this release.

Yes, but it's the same exact error as last time, so it's safe to ignore for now, in my opinion. The previous error (and probably this one, too) had to do with the Sleep.Exe program, not DB itself. I will be keeping it up for download

here. :)

i.e. If you're curious, install this release in a sandbox and scan the files with ClamAV to see where the false positive resides ...


.- Keep the faith, --------------------------------------------------.
| |
| Ben aka cMech Web: http|ftp|binkp|telnet://cmech.dynip.com |
| Email: fido4cmech(at)lusfiber.net |
| Home page: http://cmech.dynip.com/homepage/ |
| | `-------- WildCat! BBS 24/7 +1-337-984-4794 any BAUD 8,N,1 -------'

... Catatonic (n): Geritol for cats
--- GoldED+/W32-MSVC v1.1.5-b20170303 under Win32/VM via Mystic BBS!
* Origin: FIDONet - The Positronium Repository (1:393/68)

On 2017 Dec 04 00:07:56, you wrote to Vince Coen:

Clamav (0.99.2) has reared its head again and found a false posative
for this release.

This is with an up to date version of the virus files etc.

I would say to either live with it or dump Clamav ...

in INFOSEC, the proper thing to do is to report the false positive...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Cats, like butterflies, need no excuse
---
* Origin: (1:3634/12.73)

Hello Ward!

04 Dec 2017 00:07, Ward Dossche wrote to Vince Coen:

Vince,

Clamav (0.99.2) has reared its head again and found a false posative
for this release.

This is with an up to date version of the virus files etc.

I would say to either live with it or dump Clamav ...

wow

Vince what virus name ?

put that virus signature name in local.ign2 it must be the exact virus name if official sigs used only

sigtool --unpack-current=daily

see file that ends with ign2 for syntax


Ward: clamav can be used on windows xp aswell, to test if you have virus or not, dont blame clamav if you have it


Regards Benny

... there can only be one way of life, and it works :)

--- Msged/LNX 6.2.0 (Linux/4.12.12-gentoo (i686))
* Origin: I will always keep a PC running CPM 3.0 (2:230/0)

Ward: clamav can be used on windows xp aswell, to test if you have virus or not, dont blame clamav if you have it

l don't run WinXP.

I don't have Clam Chowder.

I don't have viruses.

Anything else?

Ward
--- Change is inevitable
* Origin: Baby-Glacier in MOB mode (2:292/854.1)

Hello Ward!

Monday December 04 2017 00:07, you wrote to me:

Vince,

Clamav (0.99.2) has reared its head again and found a false
posative for this release.

This is with an up to date version of the virus files etc.

I would say to either live with it or dump Clamav ...

I would like to replace it but cannot find a free replacement that works under Linux.

While for the usage of the bbs/mailer and my other work using Linux does not require a virus checking tool a large number of Windows and dos based software that is pushed onto the BBS filebase and likewise to downlinks does.

I must have another look at DB to see exactly what it is complaining about but just might be the install tool or another binary.


Vince

--- Mageia Linux v5.1/Mbse v1.0.7.4/GoldED+/LNX 1.1.501-b20150715
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

Hello Ben!

Sunday December 03 2017 19:03, you wrote to me:

Clamav (0.99.2) has reared its head again and found a false
posative for this release.

Yes, but it's the same exact error as last time, so it's safe to
ignore for now, in my opinion. The previous error (and probably this
one, too) had to do with the Sleep.Exe program, not DB itself. I will
be keeping it up for download here. :)

i.e. If you're curious, install this release in a sandbox and scan the
files with ClamAV to see where the false positive resides ...

Cannot test that as I run Linux and cannot execute dos or win binaries.

Worse still is that there is no sub command for the file tossing executable to bypass the virus check.

Hmm, might be time to add that to the source code.

Vince

--- Mageia Linux v5.1/Mbse v1.0.7.4/GoldED+/LNX 1.1.501-b20150715
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

Hello Benny!

Monday December 04 2017 06:03, you wrote to Ward Dossche:

Clamav (0.99.2) has reared its head again and found a false
posative for this release.

This is with an up to date version of the virus files etc.

I would say to either live with it or dump Clamav ...

wow

Vince what virus name ?

put that virus signature name in local.ign2 it must be the exact virus
name if official sigs used only

sigtool --unpack-current=daily

see file that ends with ign2 for syntax

That did not do a thing really :

When running clamscan *.ZIP I get :

--
DB399GRG.ZIP: Win.Virus.Virut-5914242-0 FOUND
DB399SRG.ZIP: Win.Virus.Virut-5914242-0 FOUND
--

So I put 'Win.Virus.Virut-5914242-0' into file local.ign2

then ran sigtool --unpack-current=daily

Then looked at daily.ign2 with search for above name starting with WIN.Virus with no results.

In fact there are no entries starting with Win.Virus

Then tried with sigtool --unpack-current=main
and looked at most of the files starting with 'main.' and also got nothing.

Not one starting with Win.Virus.Virut



Vince

--- Mageia Linux v5.1/Mbse v1.0.7.4/GoldED+/LNX 1.1.501-b20150715
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

Hello Ward!

04 Dec 2017 09:37, Ward Dossche wrote to Benny Pedersen:

l don't run WinXP.

so you changed origin to something not include xp ? :=)

I don't have Clam Chowder.

on windows clamav is named clamwin

I don't have viruses.

sure ?

Anything else?

its not monday yet :=)


Regards Benny

... there can only be one way of life, and it works :)

--- Msged/LNX 6.2.0 (Linux/4.14.3-gentoo (i686))
* Origin: I will always keep a PC running CPM 3.0 (2:230/0)

Hello Vince!

04 Dec 2017 17:39, Vince Coen wrote to Benny Pedersen:

--
DB399GRG.ZIP: Win.Virus.Virut-5914242-0 FOUND

Not one starting with Win.Virus.Virut

its in daily.ldb

see reply to Nick

local.ign2 should be same place as daily.cld or daily.cvd

clamconf would be usefull for me to make more help

linux:

sigtool --unpack-current=daily
grep Win.Virus.Virut-5914242-0 daily.ldb | sigtool --decode-sigs

shows it :)



Regards Benny

... there can only be one way of life, and it works :)

--- Msged/LNX 6.2.0 (Linux/4.14.3-gentoo (i686))
* Origin: I will always keep a PC running CPM 3.0 (2:230/0)

l don't run WinXP.

so you changed origin to something not include xp ? :=)

I do have a machine with WinXP on it ... that's what the origin said.

\%/@rd

--- D'Bridge 3.99 SR16
* Origin: Resist-Insist-Persist-Enlist / onwardtogether.org (2:292/854)

Hello Ward!

05 Dec 2017 09:50, Ward Dossche wrote to Benny Pedersen:

I do have a machine with WinXP on it ... that's what the origin said.

i have a drone in my pocket :=)


Regards Benny

... there can only be one way of life, and it works :)

--- Msged/LNX 6.2.0 (Linux/4.14.3-gentoo (i686))
* Origin: I will always keep a PC running CPM 3.0 (2:230/0)