Re: Getting rid of worms and viruses

To: Ross Boylan <RossBoylan@stanfordalumni.org>
Cc: debian-user@lists.debian.org, Ross Boylan <ross@biostat.ucsf.edu>
Subject: Re: Getting rid of worms and viruses
From: Oliver Elphick <olly@lfix.co.uk>
Date: Wed, 24 Sep 2003 11:01:07 +0100
Message-id: <[🔎] 1064397666.6612.69.camel@linda.lfix.co.uk>
In-reply-to: <[🔎] 20030924074356.GB2341@wheat.boylan.org>
References: <[🔎] 20030924074356.GB2341@wheat.boylan.org>

On Wed, 2003-09-24 at 08:43, Ross Boylan wrote:
> I have been getting over 100 of these stupid MS virus emails a day.
> Some are the "install this patch from MS" variety, while some are
> embedded in returns of mail I didn't send.
> 
> This is driving me nuts, and certainly proves that Windows viruses can
> be very harmful to Linux users, even if they can't replicate on Linux.
> What do I need to take care of this (i.e., automatically delete the
> junk)?  In particular, will anti-spam software (e.g., spamassassin)
> take it out, or do I need anti-virus software (e.g., amavis)?
> 
> Is there a clear dividing line between anti-spam and anti-virus
> anymore?  And do people have recommendations other than spamassassin
> and amavis?
> 
> I run Debian systems at home and work, with somewhat different
> configurations.  I plan to migrate home to exim4 at some point, so
> really stuff that works with that would be best.  Here are some high
> points of the systems:
> Home: ISP (earthlink) -> dialup -> fetchmail -> exim3 -> mbox

There is no provision that I know of in fetchmail to filter stuff before
it downloads it, but you could have exim4 filter it before it gets to
your mailbox.

> Work: the internet -> exim4 -> courier IMAP server

My setup rejects both viruses and spam by scanning the message at the
DATA stage of the SMTP conversation.  You need exim4-daemon-heavy with
the acl patch, clamav for virus checking and spamassassin for spam.  Use
sa-learn to educate spamassassin's Bayes filter.  I installed this set
up about 4 days ago and instead of deleting hundreds of spams and
viruses each day, I now have hardly any.

> I'm getting hit on both accounts, and work forwards to home for even
> more fun.  Earthlink claims this is not their problem, which is an
> absurd position, but I'm stuck with it for now.

Can you go to someone else who will let you use SMTP to get mail? (Like
Demon Internet in the UK.)

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight, UK                             http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
                 ========================================
     "And we know that all things work together for good to 
      them that love God, to them who are the called  
      according to his purpose."            
                                   Romans 8:28

Reply to:

Follow-Ups:
- Re: Getting rid of worms and viruses
  - From: Martin Jungowski <jungowsk@in.tum.de>
- Re: Getting rid of worms and viruses
  - From: Richard Kimber <rkimber@ntlworld.com>

References:
- Getting rid of worms and viruses
  - From: Ross Boylan <RossBoylan@stanfordalumni.org>

Prev by Date: ldconfig returns bus error
Next by Date: Re: Getting rid of worms and viruses
Previous by thread: Re: Getting rid of worms and viruses
Next by thread: Re: Getting rid of worms and viruses
Index(es):
- Date
- Thread