List Info

Thread: What is Email.Faketube?
What is Email.Faketube?
country flaguser name
United States		 2007-08-26 00:22:24 

  


  

    
hi

I sent an email to a user in the same domain, it had no attachments. That email bounced and the message reads,

Reporting-MTA: dns; mail.mycompany.com


Final-Recipient: hyd.greynium.com">rfc822;santaram.bmycompany.com
Action: failed
Status: 5.0.0
Diagnostic-code smtp; Site 
mail.mycompany.com (xx.xxx.xx.xxx) said after data sent: 554 Failure Message contains an infected attachment (Email.Faketube)

We use Clamav 0.91.2 with Surgemail 3.8m-1
 (Linux). Is this purely a clamav issue?

regards,

-- 
--
B.G. Mahesh



  

  
  
   
     
    

  

    Re:  What is Email.Faketube?
  


  

     country flaguser name
United States		
     2007-08-26 01:15:47
  


  

    

  


  

    

I don't think it's a virus.  It must have something 
to do with Clam... as http://www.norman.com/ 's anti-virus 
software does the same thing.


I'd guesstimate that they'll fix it in the next update, 
hopefully.


 


Other note: ; installing the ClamWin 'update' on a 
computer here in the office now causes a failure in "saving your settings" when 
Windoze logs off... which in turn causes a "unable to read your profile file" on 
restart or login -- which means that the Clam 'update' tried to mess with the 
currently logged-in user's profile at the time the 
'update' was installed.


Simply great... but hey, we shouldn't expect 'free' 
software to be free from bugs, huh?


 


And don't forget to post an answer to my previous email 
requesting input about ;how many "and ip url" instances you find when you do 
a search of the mbox dir.


 


BarryZ


1USA


 


 


----- Original Message ----- 



Sent: Sunday, August 26, 2007 1:22 AM


Subject: [SurgeMail List] What is Email.Faketube?




hi

I sent an email to a user in the same 
domain, it had no attachments. That email bounced and the message reads,

Reporting-MTA: dns; mail.mycompany.com


Final-Recipient: mycompany.com">rfc822;santaram.bmycompany.com
Action: failed
Status: 5.0.0
Diagnostic-code smtp; Site 
mail.mycompany.com (xx.xxx.xx.xxx) said after data sent: 554 Failure Message contains an infected attachment (Email.Faketube)

We 
use Clamav 0.91.2 with Surgemail 
3.8m-1 (Linux). Is this purely a clamav issue?

regards,

-- 

--
B.G. Mahesh


  

  
  
   
     
    

  

    Re:  What is Email.Faketube?
  


  

     country flaguser name
United States		
     2007-08-26 07:26:36
  


  

    

  


  

    

On 8/26/07,  webmaster1usa.com">webmaster1usa.com < webmaster1usa.com">webmaster1usa.com&gt; wrote:










I don't think it's a virus.&nbsp; It must have something 
to do with Clam... as http://www.norman.com/ 9;s anti-virus 
software does the same thing.


I'd guesstimate that they'll fix it in the next update, 
hopefully.


 


Other note: ; installing the ClamWin 'update' on a 
computer here in the office now causes a failure in "saving your settings&quot; when 
Windoze logs off... which in turn causes a "unable to read your profile file" on 
restart or login -- which means that the Clam 'update' tried to mess with the 
currently logged-in user's profile at the time the 
'update' was installed.


Simply great... but hey, we shouldn9;t expect 'free&#39; 
software to be free from bugs, huh?


Let me check with the logs and see what could the issue
&nbsp;



And don't forget to post an answer to my previous email 
requesting input about ;how many "and ip url" instances you find when you do 
a search of the mbox dir.


Unfortunately our folks couldn';t find anything significant when they searched, so I just gave up. I should have posted that response, I am sorry for keeping you all informed.




regards,


BarryZ



1USA


 


 





hi

I sent an email to a user in the same 
domain, it had no attachments. That email bounced and the message reads,

Reporting-MTA: dns; mail.mycompany.com



Final-Recipient:  santaram.bmycompany.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">rfc822;santaram.bmycompany.com
Action: failed
Status: 5.0.0
Diagnostic-code smtp; Site 

mail.mycompany.com (xx.xxx.xx.xxx) said after data sent: 554 Failure Message contains an infected attachment (Email.Faketube)

We 
use Clamav 0.91.2 with Surgemail 
3.8m-1 (Linux). Is this purely a clamav issue?

regards,

-- 

--
B.G. Mahesh






-- 
--
B.G. Mahesh
http://www.greynium.com/
http://www.oneindia.in/

http://www.click.in/ - Online Classifieds for India

  

  
  
   
     
    

  

    Re:  What is Email.Faketube?
  


  

     country flaguser name
New Zealand		
     2007-08-26 17:39:12
  


  

    

BG Mahesh wrote:
> 
> hi
> 
> I sent an email to a user in the same domain, it had no
attachments. 
> That email bounced and the message reads,
> 
> Reporting-MTA: dns; mail.mycompany.com
>  <http://mail.mycompany.c
om>
> 
> Final-Recipient: rfc822;santaram.bmycompany.com
> Action: failed
> Status: 5.0.0
> Diagnostic-code smtp; Site 
> mail.mycompany.com <http://mail.mycompany.c
om> (xx.xxx.xx.xxx) said after data sent: 554 Failure
Message contains an infected attachment (Email.Faketube)
> 
> 
> We use Clamav 0.91.2 with Surgemail 3.8m-1 (Linux). Is
this purely a 
> clamav issue?
> 
> regards,
> 
> -- 
> --
> B.G. Mahesh
> 

A quick search on google shows it is a virus. You would need
to contact 
CLAM I guess for more information.

Regards,
Stuart


-- 
When replying please quote original message to save time and
always let
us know what OS and version of SurgeMail you are using.

************************************************************
****************
If you wish to communicate with other users and talk about
SurgeMail and
also get news about updates etc then join the SurgeMail
List.
Send an email to surgemail-list-requestnetwinsite.com with only 
"subscribe" in the message body

FAQ - http
://www.netwinsite.com/surgemail/help/faq.htm
************************************************************
**************** 





  


  

    
  

  
  
   
     
    

  

    Re:  What is Email.Faketube?
  


  

     country flaguser name
United States		
     2007-08-28 07:37:14
  


  

    

  


  

    
We added the following to clamav conf file

PhishingSignatures No

Not the best thing to do, but no choice :-(

On 8/27/07, SurgeMail Support
 < surgemail-supportnetwinsite.com">surgemail-supportnetwinsite.com> wrote:



BG Mahesh wrote:
>;
> hi
>
&gt; I sent an email to a user in the same domain, it had no attachments.
> That email bounced and the message reads,
>;
> Reporting-MTA: dns; 
mail.mycompany.com
 <http://mail.mycompany.com>
&gt;
> Final-Recipient: rfc822;santaram.bmycompany.com
> Action: failed

&gt; Status: 5.0.0
> Diagnostic-code smtp; Site
> mail.mycompany.com <http://mail.mycompany.com> (xx.xxx.xx.xxx) said after data sent: 554 Failure Message contains an infected attachment (
Email.Faketube)
&gt;
>
>; We use Clamav 0.91.2 with Surgemail 3.8m-1 (Linux). Is this purely a
> clamav issue?
>;
> regards,
&gt;
> --
> --
> B.G. Mahesh
>;


A quick search on google shows it is a virus. You would need to contact
CLAM I guess for more information.

Regards,
Stuart


--
When replying please quote original message to save time and always let

us know what OS and version of SurgeMail you are using.

****************************************************************************
If you wish to communicate with other users and talk about SurgeMail and

also get news about updates etc then join the SurgeMail List.
Send an email to  surgemail-list-requestnetwinsite.com">surgemail-list-requestnetwinsite.com with only
";subscribe&quot; in the message body


FAQ - http://www.netwinsite.com/surgemail/help/faq.htm
****************************************************************************








-- 
--
B.G. Mahesh
http://www.greynium.com/
http://www.oneindia.in/

http://www.click.in/ - Online Classifieds for India

  

  
  
   
     
    

  

    Re:  What is Email.Faketube?
  


  

     country flaguser name
New Zealand		
     2007-08-28 17:28:12
  


  

    

BG Mahesh wrote:
> 
> We added the following to clamav conf file
> 
> PhishingSignatures No
> 
> Not the best thing to do, but no choice :-(

Perhaps you might be wise to investigate why CLAM doesn't
like your 
signatures, I am assuming it doesn't like one of your URL's
for some 
reason.  Even if you turn it off on your server anyone you
send email to 
running CLAM or possibly other scanners is going to reject
your mail.
CLAM have a forum so you could ask in there.

Regards,
Stuart

> 
> On 8/27/07, *SurgeMail Support *
<surgemail-supportnetwinsite.com 
> <mailto:surgemail-supportnetwinsite.com>>
wrote:
> 
> 
> 
>     BG Mahesh wrote:
>      >
>      > hi
>      >
>      > I sent an email to a user in the same domain,
it had no attachments.
>      > That email bounced and the message reads,
>      >
>      > Reporting-MTA: dns; mail.mycompany.com <http://mail.mycompany.c
om>
>      >  <http://mail.mycompany.c
om>
>      >
>      > Final-Recipient: rfc822;santaram.bmycompany.com
>     <http://mycompany.com>

>      > Action: failed
>      > Status: 5.0.0
>      > Diagnostic-code smtp; Site
>      > mail.mycompany.com <http://mail.mycompany.c
om>
>     <http://mail.mycompany.c
om> (xx.xxx.xx.xxx) said after data sent:
>     554 Failure Message contains an infected attachment
( Email.Faketube)
>      >
>      >
>      > We use Clamav 0.91.2 with Surgemail 3.8m-1
(Linux). Is this purely a
>      > clamav issue?
>      >
>      > regards,
>      >
>      > --
>      > --
>      > B.G. Mahesh
>      >
> 
>     A quick search on google shows it is a virus. You
would need to contact
>     CLAM I guess for more information.
> 
>     Regards,
>     Stuart
> 
> 
>     --
>     When replying please quote original message to save
time and always let
>     us know what OS and version of SurgeMail you are
using.
> 
>    
************************************************************
****************
>     If you wish to communicate with other users and
talk about SurgeMail and
>     also get news about updates etc then join the
SurgeMail List.
>     Send an email to surgemail-list-requestnetwinsite.com
>     <mailto:surgemail-list-requestnetwinsite.com> with only
>     "subscribe" in the message body
> 
>     FAQ - http
://www.netwinsite.com/surgemail/help/faq.htm
>    
************************************************************
****************
> 
> 
> 
> 
> 
> -- 
> --
> B.G. Mahesh
> http://www.greynium.com/

> http://www.oneindia.in/
> http://www.click.in/
- Online Classifieds for India


-- 
When replying please quote original message to save time and
always let
us know what OS and version of SurgeMail you are using.

************************************************************
****************
If you wish to communicate with other users and talk about
SurgeMail and
also get news about updates etc then join the SurgeMail
List.
Send an email to surgemail-list-requestnetwinsite.com with only 
"subscribe" in the message body

FAQ - http
://www.netwinsite.com/surgemail/help/faq.htm
************************************************************
**************** 





  


  

    
  

  
  
   
     
    

  

    Re:  What is Email.Faketube?
  


  

     country flaguser name
United States		
     2007-08-28 22:15:16
  


  

    

  


  

    

On 8/29/07, SurgeMail Support < surgemail-supportnetwinsite.com">surgemail-supportnetwinsite.com> wrote:



BG Mahesh wrote:
>;
> We added the following to clamav conf file
>
> PhishingSignatures No
>
&gt; Not the best thing to do, but no choice :-(

Perhaps you might be wise to investigate why CLAM doesn't like your

signatures, I am assuming it doesn't like one of your URL's for some
reason. &nbsp;Even if you turn it off on your server anyone you send email to
running CLAM or possibly other scanners is going to reject your mail.

CLAM have a forum so you could ask in there.

Regards,
Stuart





Actually this is happening when emails don't have any URLs also. Anyway,&nbsp; I have posted on Clamav group



-- 
--
B.G. Mahesh



  

  
  
   
     
    






 [1-7]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )