Re: Virus Checking - COMPLETELY UNENCUMBERED!

To: Matthew Grant <grantma@anathoth.gen.nz>, Pixel <pixel@mandrakesoft.com>, debian-devel@lists.debian.org
Cc: Mark Baker <mbaker@iee.org>
Subject: Re: Virus Checking - COMPLETELY UNENCUMBERED!
From: Joseph Carter <knghtbrd@bluecherry.net>
Date: Tue, 14 May 2002 13:35:28 -0700
Message-id: <[🔎] 20020514203528.GF16352@bluecherry.net>
In-reply-to: <[🔎] 20020514204851.A10256@svana.org>
References: <[🔎] 1021202211.532.5.camel@zion> <[🔎] 20020512143514.GB3134@laviola.org> <[🔎] lysn4x1kfi.fsf@leia.mandrakesoft.com> <[🔎] 1021233361.531.2.camel@zion> <[🔎] 20020514093111.GT16352@bluecherry.net> <[🔎] 20020514204851.A10256@svana.org>

On Tue, May 14, 2002 at 08:48:51PM +1000, Martijn van Oosterhout wrote:
> > Frankly, it would be good if someone would add to the useful procmail
> > recipes a filter to remove any executable attachments from an email
> > outright or mark them as spam or delete them or something.  NOBODY should
> > be emailing an executable.  A zip maybe, an image okay.  An executable,
> > particularly a win32 executable is almost guaranteed to be a virus.
> 
> There is a filter available for exim which, when installed, will simply
> bounce any emails with attachments with dodgy looking extensions. It even
> gives a helpful message about putting it in a zip file instead.

Very cool.  (But I'll need to apply magic to it I think, as I use postfix
myself - but most of Debian uses exim by default so this is perfect!)

> It also kills those Seven Dwarves emails. It certainly cut the crap
> around here.
> 
> ftp://ftp.exim.org/pub/filter/system_filter.exim
> 
> After that you need to check the viruses in documents and stuff. If clamav
> can do that, we're all set to roll out push-of-a-button virus-filter debian
> machines :).

Yeah, I'd like to see this specifically (along with a brief set of idiot
instructions for installing it) in README.Debian for exim, if it's not
already there.  (Maintainer Cc'd..)

I'll have to see if I can turn some of it into procmail or some filter I
can apply to postfix, and I'll be sure to let everyone know (especially
postfix maintainer, upstream and the procmail-lib maintainer) what I come
up with when I come up with something, as appropriate.

I must compliment exim for its filter syntax, very simple and very
effective.  I prefer postfix which is IMO a little nicer in the config
file department, and you can't beat the postfix debconf config, but
postfix does not have anything as nice as exim's filters for user mail
filtering - you generally rely on procmail or mailagent which are both
powerful but difficult to use for newbies.

-- 
Joseph Carter <knghtbrd@bluecherry.net>              glDisable (DX8_CRAP);

Now I can finally explain to everyone why I do this.  I just got $7 worth
of free stuff for working on Debian !

Attachment: pgpsIQ1sw2UcS.pgp
Description: PGP signature

Reply to:

References:
- Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Matthew Grant <grantma@anathoth.gen.nz>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Carlos Laviola <claviola@debian.org>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Pixel <pixel@mandrakesoft.com>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Matthew Grant <grantma@anathoth.gen.nz>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Joseph Carter <knghtbrd@bluecherry.net>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Martijn van Oosterhout <kleptog@svana.org>

Prev by Date: Re: RMS' girlfriend
Next by Date: Re: Accepted alsa-lib 0.9.0rc1-1 (i386 source)
Previous by thread: Re: Virus Checking - COMPLETELY UNENCUMBERED!
Next by thread: Re: Virus Checking - COMPLETELY UNENCUMBERED!
Index(es):
- Date
- Thread