Re: Spam alert
On (01/10/03 21:23), Chris Tillman wrote:
> On Wed, Oct 01, 2003 at 07:12:26PM -0700, Zach Archer wrote:
> > Hi. I started receiving a whole lot of spam last night, shortly after
> > subscribing and posting to this newsgroup for the first time. I'm not
> > sure which brand of net-annoyant it is, but I'm receiving a lot of
> > messages with big .exe files attached (funny that I can't open these
> > in my macintosh household)
> >
> > A lot of these say things like "New critical update" from "Microsoft"
> > (obviously neither is true)
> > http://www.microsoft.com/security/antivirus/authenticate_mail.asp for info
> >
> > I'm hoping one of you can take corrective action to kill this virus,
> > because my mailbox filled to capacity today and started bouncing
> > messages back to people >:(
>
> I got sick of this too, and installed a little perl script
> called popfilter, from web.iscali.it . It took a little while
> to get going, but does the job nicely. The nice thing is you
> don't have to download the message (with the damn attachment),
> it deletes remotely.
>
> Here's a .email_blacklist I've used to get most of these bastards:
>
> 20031001 =>Microsoft<= =>.
> 20031001 =>Client<= =>.
> 20031001 =>User<= =>.
> 20031001 =>Partner<= =>.
> 20031001 =>Consumer<= =>.
> 20031001 =>Customer<= =>.
> 20031001 =>.<= =>Internet
> 20031001 =>.<= =>Critical
> 20031001 =>.<= =>Security
> 20031001 =>.<= =>Microsoft
>
> I'm planning to set this up in a cron job, because otherwise my
> mailbox fills up as you said. I also gave my ISP an earfull for
> not affering any server side solutions.
Hi Chris
There has been a long running thread on debian-user on these W32/Swen virus
emails and many different solutions proposed. I tried mailfilter but
was concerned that it might delete stuff from the server that I wanted.
So having reconfigured my mail system from using getmail to fetchmail I
was intending to use procmail and spamassassin. However, popfilter
looks worth a try - so thanks for this ;)
For everyone else, I would recommend a look at the debian-user archives -
search separately on "mail bombs" "swen" "spam" and "virus". There
is hours of interesting reading ;)
HTH
Clive
--
http://www.clivemenzies.co.uk
strategies for business
Reply to: