Also Sprach Crispin Cowan:
> ObSecurity: I've received about three copies of that new virus (I forget
> the name) in the last 24 hours. No impact on me (Linux mail client)
> but one of our business guys got bit. Anyone else getting hammered?
I've started just dumping stuff like that. Actually, I think if you
look at /etc/procmailrc on Mithra you'll see some filtering I started.
Here's a cut from what I'm using now:
JAIL=quarantine@private
FILTMSG="X-QCSN-Warning: "
:0 BH
* ^Content-(Type|Disposition):.*$?.*name=".*\.(scr|pif|dll|exe|com|lnk|bat)"
{
:0 f
| formail -A "$FILTMSG Illegal extension, sent to quarantine"
:0
! ${JAIL}
}
(The filter message makes it easy for me to see which of my rules
caught a particular message.)
Wil
--
W. Reilly Cooley wcooley@private
Naked Ape Consulting http://nakedape.cc
irc.linux.com #orlug,#pdxlug,#lnxs
The most costly of all follies is to believe passionately in the palpably
not true. It is the chief occupation of mankind.
-- H.L. Mencken
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:34:55 PDT