Re: Researching spamblock/antivirus/attachment filters on mail servers

To: <debian-isp@lists.debian.org>
Subject: Re: Researching spamblock/antivirus/attachment filters on mail servers
From: "Balint Laszlo BILLER" <vudumen@sysnet.hu>
Date: Wed, 3 Sep 2003 04:42:07 +0200
Message-id: <[🔎] 01ee01c371c4$f770a830$113346c3@vuducpq>
References: <[🔎] 1062546321.24788.86.camel@skywalker>

for procmail i use this two recipes:

:0B
* (^See the attached file for details)
${MAILDIR}.Virus/

:0B
* (^Please see the attached file for details)
${MAILDIR}.Virus/

maybe it would be better to use
* (^(Please see|See) the attached file for details)
but I didn't tried. It was easier and I didn't have time to experience.
${MAILDIR}.Virus/ could be changed to /dev/null but I like to see my every
email (including the infected mails).

Voodooman

----- Original Message ----- 
From: "Jarle Aase" <jgaa@jgaa.com>
To: <debian-isp@lists.debian.org>
Sent: Wednesday, September 03, 2003 1:45 AM
Subject: Researching spamblock/antivirus/attachment filters on mail servers


> When Sobig.F hit the local MTA, I started to look for a filter to block
> it. I looked at some common approaches, and my first impression was that
> the filters would be pretty easy to bypass. Which again means that lot's
> og MTA's may be vulnerable for the next attachment plague.
>
> In order to research this theory, I need access to email accounts[1] on
> mail-servers that has applied filters to block suspect attachment types
> like "*.pif". The findings will be published on my home-page (and
> possible on BUGTRAQ if I find anything serious), along with tools to
> verify if an MTA indeed stop masqueraded attachments, or stop valid
> emails in error.
>
> If you have a mail-server that is supposed to block such attachments,
> and are willing to help me in my research, please drop me a note. I'm
> looking for anything from simple perl scripts to commercial filters.
>
> Jarle
> [1] The email-accounts will only be used for this purpose.
> -- 
> Jarle Aase                      email: jgaa@jgaa.com
> Author of freeware.             http://www.jgaa.com
>                                 news:alt.comp.jgaa
>
> War FTP Daemon:     http://www.warftp.org
> War FTP Daemon FAQ: http://www.warftp.org/faq/warfaq.htm
> Jgaa's PGP key:     http://war.jgaa.com/pgp
> NB: If you reply to this message, please include all relevant
> information from the conversation in your reply. Thanks.
> <<< no need to argue - just kill'em all! >>>
>
>
> -- 
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
>

Reply to:

References:
- Researching spamblock/antivirus/attachment filters on mail servers
  - From: Jarle Aase <jgaa@jgaa.com>

Prev by Date: Researching spamblock/antivirus/attachment filters on mail servers
Next by Date: ip aliasing and second default gw in /etc/network/interfaces
Previous by thread: Researching spamblock/antivirus/attachment filters on mail servers
Next by thread: ip aliasing and second default gw in /etc/network/interfaces
Index(es):
- Date
- Thread