we had some notifications too ... somebody please put those viruscreating maniacs away -----Oorspronkelijk bericht----- Van: Rogers, Brian [mailto:RogersB@xxxxxxxxxxxxxx] Verzonden: woensdag 20 augustus 2003 16:03 Aan: [ISAserver.org Discussion List] Onderwerp: [isalist] Re: Hope you all are ready for SoBig http://www.ISAserver.org Whew..came in this morning....over 5000 notifications of pif/scr attachments eaten overnight. This is ridiculous. -----Original Message----- From: Jim Harrison [ mailto:jim@xxxxxxxxxxxx] Sent: Wednesday, August 20, 2003 9:08 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Hope you all are ready for SoBig http://www.ISAserver.org Agreed; especially in technical forums. Anything that deserves illustration beyond ASCII characters is best left to attachments. I configure my "public" mail readers to render and compose in plain text only. This allows me to concentrate on the problem, not the pretty backgrounds and fonts some folks find interesting. Also, if you never render HTML in your preview or actual reading windows, you won't help the spammer / worm distribution efforts that depend on them. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Tue, 19 Aug 2003 18:59:39 -0700 "cismic" <cismic@xxxxxxx> wrote: http://www.ISAserver.org Well some common sense on the receiving of mail. 1. I don't care about all the pretty graphics that arrive via mail. A. When you get one of those in your in box and one of the graphics has an ip address associated with it that data is sent back to some server out there informing it has a valid email address. Not in that sense but, someone can harvest the web log where the graphic resides and corralate that back to a valid email. B. I also setup my reg to only read as plain text and don't allow auto response: Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Options\Mail] "Message RTF Format"=dword:00000001 "EnableLogging"=dword:00000000 "Receipt Response"=dword:00000001 "Hangup after Spool"=dword:00000000 "EditorPreference"=dword:00020000 "AdHocReviewBehavior"=dword:00000001 "ReadAsPlain"=dword:00000001 C. Some simple changes to how *.pifs are opened including *.scr's should go a long way. 1. Yup set explorer to open unknown files with notpad is one [HKEY_CLASSES_ROOT\Unknown\shell\Open\Command] @="notepad.exe %1" 2. Add the following to a reg file (back things up first before applying) and this will associate *.pif and *.scr with notepad. [HKEY_CLASSES_ROOT\.scr] "Content Type"="text/plain" @="txtfile" [HKEY_CLASSES_ROOT\.scr\ShellNew] "NullFile"="" [HKEY_CLASSES_ROOT\.pif] "Content Type"="text/plain" @="txtfile" [HKEY_CLASSES_ROOT\.pif\ShellNew] "NullFile"="" 2. Just another quick reference guide. http://msdn.microsoft.com/msdnmag/issues/03/05/virushunting/default.aspx Joseph -----Original Message----- From: Jim Harrison [ mailto:jim@xxxxxxxxxxxx] Sent: Tuesday, August 19, 2003 12:35 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Hope you all are ready for SoBig http://www.ISAserver.org That's why I love my RAV on Copmmunigate Pro; I got lots of RAV emails, but the virus is stopped cold at the server. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Richard Bell" <rbell@xxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Tuesday, August 19, 2003 11:05 Subject: [isalist] Hope you all are ready for SoBig http://www.ISAserver.org > It's back and with a vengeance. I have had over 500 hits in the last > three hours. Filter all SMTP for .pif and .scr extensions, also for > the file "your_details.zip" This latest round seems to be worse then > the first. > > > Richard Bell > MIS Director > Microfilm Services, Inc. > www.msifla.net > rbell@xxxxxxxxxx > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: rogersb@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: s.vandijk@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')