On Sat, 25 Oct 2003 22:24:26 -0500, Will Trillich <will@serensoft.com> wrote: > On Sun, Sep 28, 2003 at 01:11:27PM -0400, ScruLoose wrote: > > As others have noted, virus traffic is not actually the same as > > spam-traffic, and you might want a particular tool for each job... > > > > That being said, what worked for me was to grab a backport of > > spamassassin 2.55 for woody from http://www.fs.tum.de/~bunk/debian > > (It's listed in apt-get.org) > > and then I added these two lines to /etc/spamassassin/local.cf: > > score MICROSOFT_EXECUTABLE 5 > > score HTML_RELAYING_FRAME 3 > > > > That catches most of the annoying virus traffic, and what leaks > > through I process with sa-learn to educate SA's Bayesian filters. A probably more effective way to fight virus traffic is to use a tool like virussnag. It is a well updated recipe that, for me, has effectively eliminated all viruses without any false-positives or false-negatives. http://www.spamless.us/pub/procmail/virussnag.rc The only problem I am having is that sometimes remote sites strip out the viruses, but then send me an alert. You can configure SpamAssassin to get at those. -- scott c. linnenbringer | sl@panix.com http://www.panix.com/~sl | sl@moslug.org jabber: sl@theoretic.com | irc: Jawoota
Attachment:
pgp9uACnX_Gkf.pgp
Description: PGP signature