Re: Virus Checking - COMPLETELY UNENCUMBERED!
On Tue, May 14, 2002 at 02:31:11AM -0700, Joseph Carter wrote:
> On Mon, May 13, 2002 at 07:56:00AM +1200, Matthew Grant wrote:
> > Does ScannerDaemon (that GPLed java daemon) detect all the Klez worms
> > reliably? Or does its database need updating? If clam AV is not
> > algorithmically at fault, then it means we can go ahead and package it.
>
> Frankly, it would be good if someone would add to the useful procmail
> recipes a filter to remove any executable attachments from an email
> outright or mark them as spam or delete them or something. NOBODY should
> be emailing an executable. A zip maybe, an image okay. An executable,
> particularly a win32 executable is almost guaranteed to be a virus.
There is a filter available for exim which, when installed, will simply
bounce any emails with attachments with dodgy looking extensions. It even
gives a helpful message about putting it in a zip file instead.
It also kills those Seven Dwarves emails. It certainly cut the crap
around here.
ftp://ftp.exim.org/pub/filter/system_filter.exim
After that you need to check the viruses in documents and stuff. If clamav
can do that, we're all set to roll out push-of-a-button virus-filter debian
machines :).
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> Canada, Mexico, and Australia form the Axis of Nations That
> Are Actually Quite Nice But Secretly Have Nasty Thoughts About America
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: