Re: Spam alert

To: debian-powerpc@lists.debian.org
Subject: Re: Spam alert
From: Clive Menzies <clive@clivemenzies.co.uk>
Date: Thu, 2 Oct 2003 09:06:01 +0100
Message-id: <[🔎] 20031002080601.GQ32680@apollo>
Mail-followup-to: debian-powerpc@lists.debian.org
In-reply-to: <[🔎] 20031002042303.GA835@ip68-107-137-100.tc.ph.cox.net>
References: <p05100300bba1385238a3@[192.168.0.101]> <[🔎] 20031002042303.GA835@ip68-107-137-100.tc.ph.cox.net>

On (01/10/03 21:23), Chris Tillman wrote:
> On Wed, Oct 01, 2003 at 07:12:26PM -0700, Zach Archer wrote:
> > Hi. I started receiving a whole lot of spam last night, shortly after 
> > subscribing and posting to this newsgroup for the first time. I'm not 
> > sure which brand of net-annoyant it is, but I'm receiving a lot of 
> > messages with big .exe files attached (funny that I can't open these 
> > in my macintosh household)
> > 
> > A lot of these say things like "New critical update" from "Microsoft" 
> > (obviously neither is true)
> > http://www.microsoft.com/security/antivirus/authenticate_mail.asp for info
> > 
> > I'm hoping one of you can take corrective action to kill this virus, 
> > because my mailbox filled to capacity today and started bouncing 
> > messages back to people >:(
> 
> I got sick of this too, and installed a little perl script 
> called popfilter, from web.iscali.it . It took a little while
> to get going, but does the job nicely. The nice thing is you
> don't have to download the message (with the damn attachment), 
> it deletes remotely.
> 
> Here's a .email_blacklist I've used to get most of these bastards:
> 
> 20031001 =>Microsoft<= =>.
> 20031001 =>Client<= =>.
> 20031001 =>User<= =>.
> 20031001 =>Partner<= =>.
> 20031001 =>Consumer<= =>.
> 20031001 =>Customer<= =>.
> 20031001 =>.<= =>Internet
> 20031001 =>.<= =>Critical
> 20031001 =>.<= =>Security
> 20031001 =>.<= =>Microsoft
> 
> I'm planning to set this up in a cron job, because otherwise my
> mailbox fills up as you said. I also gave my ISP an earfull for
> not affering any server side solutions.

Hi Chris

There has been a long running thread on debian-user on these W32/Swen virus
emails and many different solutions proposed.  I tried mailfilter but
was concerned that it might delete stuff from the server that I wanted.
So having reconfigured my mail system from using getmail to fetchmail I
was intending to use procmail and spamassassin.  However, popfilter
looks worth a try - so thanks for this ;)

For everyone else, I would recommend a look at the debian-user archives - 
search separately  on "mail bombs" "swen" "spam" and "virus".  There 
is hours of interesting reading ;)

HTH

Clive


-- 
http://www.clivemenzies.co.uk
strategies for business

Reply to:

References:
- Spam alert
  - From: Zach Archer <chaz@dslnorthwest.net>
- Re: Spam alert
  - From: "Chris Tillman" <toff1@cox.net>

Prev by Date: Re: Spam alert
Next by Date: Re: Memory problems
Previous by thread: Re: Spam alert
Next by thread: Re: Spam alert
Index(es):
- Date
- Thread