Re: getting viruses/spam after posting to this list
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please adjust your word wrap to 72 columns to allow for quoting.
On Thu, Oct 16, 2003 at 10:56:13AM +0100, Eliot Stock wrote:
> After my first post to this list last night, I woke up this morning
> to find 40 helpful "MS security updates" in my inbox. How are other
> people dealing with this?
I'm glad you asked. Feel free to make a cron script to grab this
handy, dandy net-lsearch-able list of relays I've found to have virus
infected users behind them and put it in /etc/exim4/infected-hosts.txt
http://ursine.ca/~baloo/infected-hosts.txt
Please don't abuse my server, be reasonable about your timing. It
gets updated several times a day, try to avoid fetching more than four
times a day, two should be enough.
Easy to impliment, as well. If you use exim4, add this to
/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
# Virus spewing hosts.
deny message = $sender_host_address has been sending or relaying viruses. If you are now clean, please forward this message to postmaster@ursine.ca.
log_message = $sender_host_address is listed in infected-hosts
hosts = net-lsearch;/etc/exim4/infected-hosts.txt
> Is obfuscating addresses on the list pointless because harvesters
> aren't fooled?
Among other reasons. http://www.interhack.net/pubs/munging-harmful/
Treat the problem, not the symptoms. Report mail and news abuse.
Munging is accepting the problem.
- --
.''`. Paul Johnson <baloo@ursine.ca>
: :' :
`. `'` proud Debian admin and user
`- Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/jnK3UzgNqloQMwcRAjk7AJ9LK2PKCva9Kn8K1UxQ2VsJrig5XQCfXwdi
TxAGbjCbea3qXXAN/4GpYNs=
=1Usd
-----END PGP SIGNATURE-----
Reply to: