[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


On Tue, May 14, 2002 at 02:31:11AM -0700, Joseph Carter wrote:
> On Mon, May 13, 2002 at 07:56:00AM +1200, Matthew Grant wrote:
> > Does ScannerDaemon (that GPLed java daemon) detect all the Klez worms
> > reliably?  Or does its database need updating?  If clam AV is not
> > algorithmically at fault, then it means we can go ahead and package it.
> Frankly, it would be good if someone would add to the useful procmail
> recipes a filter to remove any executable attachments from an email
> outright or mark them as spam or delete them or something.  NOBODY should
> be emailing an executable.  A zip maybe, an image okay.  An executable,
> particularly a win32 executable is almost guaranteed to be a virus.

There is a filter available for exim which, when installed, will simply
bounce any emails with attachments with dodgy looking extensions. It even
gives a helpful message about putting it in a zip file instead.

It also kills those Seven Dwarves emails. It certainly cut the crap
around here.


After that you need to check the viruses in documents and stuff. If clamav
can do that, we're all set to roll out push-of-a-button virus-filter debian
machines :).
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> Canada, Mexico, and Australia form the Axis of Nations That
> Are Actually Quite Nice But Secretly Have Nasty Thoughts About America

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: