This is the mail archive of the
mailing list for the Cygwin project.
- From: David Stacey <drstacey at tiscali dot co dot uk>
- To: cygwin at cygwin dot com
- Date: Thu, 9 Jun 2016 18:49:09 +0100
- Subject: Re: malware
- Authentication-results: sourceware.org; auth=none
- References: <0D835E9B9CD07F40A48423F80D3B5A7039D920C3 at USA7109MB022 dot na dot xerox dot net> <3227b657-3712-966a-45ed-2bdd0d96d7c3 at gmail dot com> <CAKepmajx8LtDyYun-++CPaSuUMZsEQMKe=P2=JSgZwv36HvmOg at mail dot gmail dot com> <CAKepmai4bt1L_t+YKADFv0wX=MeNUM_D5h0iTCWFRqw=hzc5Qw at mail dot gmail dot com> <c8b4fa97-b7ed-c071-da55-e7246e1a0316 at gmail dot com> <20160609161421 dot GA15058 at calimero dot vinschen dot de>
On 09/06/16 17:14, Corinna Vinschen wrote:
On Jun 9 18:02, Marco Atzeri wrote:
On 09/06/2016 17:52, Jack Adrian Zappa wrote:
Are you referring to the 83.dotm file? Looks highly suspicious. o.O
It is clearly spam or worse.
But some of them will always pass whatever filter the cygwin mail
server is implementing.
Some of them are reaching any mailbox also company's one.
I can only agree with Marco. Sourceware is running an agressive spam
assassin and what not which gets constantly upgraded and fed with known
spam regulary to hone the filters. However, there's*no* way it will
always catch all spam or virus or worm. If so, it would probably also
catch lots of legit mails.
In fairness to the Sourceware mail filter, VirusTotal isn't decided on
whether the file is malevolent or not . At present, all of the major
commercial AV tools pass it as clean. If it turns out to be something
unpleasant then we should request the postmaster delete the mail from
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple