[Cialug] [OT] AV test

Lathrop Preston lathrop at prestonfam.org
Tue Oct 6 08:58:31 CDT 2009 

However I do not see signs of attachment sending there...

On Tue, Oct 6, 2009 at 8:52 AM, Jeffrey Ollie <jeff at ocjtech.us> wrote:
> On Tue, Oct 6, 2009 at 8:42 AM, Daniel A. Ramaley
> <daniel.ramaley at drake.edu> wrote:
>> I have a quick favor to ask.
>>
>> We're trying to verify that our anti-virus system is actually working at
>> detecting viruses inside of zip files. However, every attempt i've made
>> to send a virus into Drake has been met with failure as every other e-
>> mail system i have access to does not allow for sending viruses.
>>
>> Could someone who can send unfiltered mail please download eicar_com.zip
>> (a test virus file--not a real virus) from the URL below and e-mail it
>> to me? Then please send a separate mail letting me know to look for it.
>> Hopefully i won't receive the virus, but it will be caught in a
>> quarantine. Here's the URL:
>> http://www.eicar.org/anti_virus_test_file.htm
>
> Hmm, how soon it is that everyone forgets the power of telnet to send email:
>
>    [jcollie at lt26923 ~]$ telnet proof01.drake.edu. 25
>    Trying 192.84.11.6...
>    Connected to proof01.drake.edu..
>    Escape character is '^]'.
>    220 ***********************************************************
>    EHLO lt26923.campus.dmacc.edu
>    250-dial-proof01.drake.edu Hello [161.210.45.123], pleased to meet you
>    250-ENHANCEDSTATUSCODES
>    250-PIPELINING
>    250-8BITMIME
>    250-SIZE
>    250-DSN
>    250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5
>    250-XXXXXXXXA
>    250 XXXB
>    MAIL From: <jeff at ocjtech.us>
>    250 2.1.0 <jeff at ocjtech.us>... Sender ok
>    RCPT To: <daniel.ramaley at drake.edu>
>    250 2.1.5 <daniel.ramaley at drake.edu>... Recipient ok
>    DATA
>    354 Enter mail, end with "." on a line by itself
>    From: <jeff at ocjtech.us>
>    To: <daniel.ramaley at drake.edu>
>    Subject: Test
>    MIME-Version: 1.0
>    Content-Type: application/octet-stream
>    Content-Transfer-Encoding: base64
>
>    <yadda yadda yadda>
>    .
>    250 2.0.0 n96DiLWN004621 Message accepted for delivery
>    QUIT
>    221 2.0.0 dial-proof01.drake.edu closing connection
>    Connection closed by foreign host.
>
> Replace yadda yadda yadda with the base64 encoded content of your choice.
>
> --
> Jeff Ollie
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>



-- 
=====================================
Lathrop Preston

Sent from Des Moines, Iowa, United States

More information about the Cialug mailing list