testing my defense II - email protection -MAILWASHER-

Discussion in 'other security issues & news' started by xTiNcTion, Nov 4, 2003.

Thread Status:
Not open for further replies.
  1. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    hi guys !!
    you are giving me great advices, tkz.

    just tried GFI email test and discover my ISP doesn't care about my emails, so relying on a desktop level protection.

    my NAV goes crazy !!! i saw my emails containing .hta, .vba,. CLID attachment... :(

    just for the test, using Outlook Express, i didn't go with Mailwasher.

    do you think malwasher can protect me from this kind of attack ?

    tkz 2 all of you !!
     
  2. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Mailwasher protects you from spam mail. I personally do not use it as I rarely get spam mail, but there are many who do and swear by it.

    You can configure your Outlook or Outlook Express to block emails containing attachments which may contain a virus by doing the following -.

    1. In OE, click on TOOLS, then click on MESSAGE RULES, [a wee side pop up appears], click on MAIL
    2. Choose NEW RULES, click on NEW - a menu appears.
    3. In #1. check mark the box where it sez "where the subject line contains"
    4. In #2, Check mark the box "delete it".
    5. In #3, click on where it says "contains specific words" [a menu appears]
    6. Type the following in the top bar using only comas between each extension:

    Url,bat, chm, cpl, dbx, hta, ins, isp, jse, js, mda, mdb, mde, ade, adp, mdz, msc, prf, dhx, nch, pcd, reg, scr, crt, inf, shb, shs, pif, lnk, vbe, vb, vbs, bas, mst, scf, msi, msp, swf, asx, wms, cmd, sct, wsc, wsf, wsh, hlp, wab

    If your Norton AV picks them up, the emails will be quarantined with a notification, if your AV doesn't, then the emails will go directly into your delete box. When you do this, your mail will be a bit slower hitting your inbox because of the extra scanning created by this rule, however, it is worth it. Works for me. :)

    - Broke up long line to fix forum widths. Sorry if there isn't supposed to be spaces between the extensions, but the forum width was set too wide with it the way it was - LWM
     
  3. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    You might want to check into Benign:
    '
    http://www.firetrust.com/products/benign/ .

    Between that, the last free version of MW, having OE properly configured and a good AV - I simply don't have any worries about email-born infections. Pete
     
  4. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    Oh you could skip OE and avoid most of the problems in the first place.
     
  5. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    and what email client is safer to use?

    o_O o_O
     
  6. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    There is nothing wrong with Outlook Express - it works just fine if you configure it properly along with AV protection. I have used it for 4 years now, have spam rarely, am wise to viruses so don't get trapped anymore, blah, blah.

    Alternatives: you can use Yahoo, Hotmail, Pegasus, Eurdora, or subscribe to and use AOL. There are probably others available, but these come to mind. Good luck.
     
  7. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    hey man !
    just configured my OE as you told me then i tried GFIs email test... and guess what

    still getting those attachment: .jpg.hta, CLSID, etc

    whats wrong? o_O o_O
     
  8. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    1. Are they coming into your Inbox or Delete box? If in your delete box, then simply delete it again and its gone without opening. Look in the rules area and there should be a box you can check to Delete from the Server or Do not download from server..... look for it.
    2. Did you type in all those extensions without any spaces between them, using comas only?
    3. Did you click on APPLY NOW and then OK. ? I was giving you the instructions from memory so may have neglected to tell you to this step. :oops:
    It takes a bit of fooling around before you get it right. I had to work on it a bit before I got it right and you will get it right too..
    4. Go back to the menu where it says Mail Rules and check the rule number that you created, highlite it, and there should be something like APPLY NOW, click on it and a pop up should advise you that the new rule has been applied. Until you get that verification, the rule is not in effect. Give it another whirl. :) This is also where you can modify a rule, delete it & so forth. One more thing, make sure your PREVIEW PANE is closed when downloading mail. You can place a PREVIEW icon on your toolbar to open & close mail to suit your needs.

    I stopped the Mimail virus this way as I was getting it in my inbox 3 times a day ... since I created this rule to delete it from the server, I no longer get it. Also with those extensions in my rules, I simply do not get attachments that contain them ... it works!! But be aware your mail will load a tad slower than it used to.

    I am leaving on a wee vacation tomorrow a.m. for a week and apologize I cannot pace you through more thoroughly. However, here is a link that you may find helpful in the meantime. It is geared to Outlook Express and you will find a lot of useful information there..

    http://support.microsoft.com/default.aspx?scid=fh;EN-US;oex

    I will check back here when I return to see if you managed to figure it out or someone else may have helped in the meantime. Cheers.


    - Fixed link - LWM
     
  9. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    I use Benign also . Its not as expensive as it appears as its a one time liscence . Its the unknown virus that benign can protect you from that counts . As 95%of infection comes thru the email its a good thing to have a very good system in place , our anti virus is as good as the last update generally . some thing like benign doesnt rely on such to protect . The good thing about benign is that it will protect your system no matter who is using the pc and downloading mail .
     
  10. bolleke

    bolleke Guest

    Switch to OPERA as browser (E-mailclient included) and
    use 0Spam (free service,nothing to install!)
    http://www.0spam.com/index.shtml
    Bolleke
     
Loading...
Thread Status:
Not open for further replies.