[clug] Procmail rule to match all this virus email?
Martijn van Oosterhout
kleptog at svana.org
Wed Jan 28 20:12:08 GMT 2004
Hi,
Other than a full virus scanner the only thing I can think of is to match
the body of the virus itself. I don't know how much variation there is in
the virus itself but the base64 body should provide a few nice long strings
that don't appear anywhere else.
Maybe the size of the email?
Hope this helps,
On Thu, Jan 29, 2004 at 07:00:16AM +1100, Michael Still wrote:
>
> Ok,
>
> I've noe received about 200 of these virus emails.
>
> Anyone got a suggestion for a procmail rule which will filter them out? I
> don't want to drop _all_ mail with zip attachments however...
>
> Cheers,
> Mikal
>
> PS: What were the virus scanner people thinking when the wrote the code to
> send me a warning of infection? I have as many of these as I do the virus,
> and I'm _not_infected_!
>
> --
>
> Michael Still (mikal at stillhq.com) | "All my life I've had one dream,
> http://www.stillhq.com | to achieve my many goals"
> UTC + 11 | -- Homer Simpson
>
--
Martijn van Oosterhout <kleptog at svana.org> http://svana.org/kleptog/
> (... have gone from d-i being barely usable even by its developers
> anywhere, to being about 20% done. Sweet. And the last 80% usually takes
> 20% of the time, too, right?) -- Anthony Towns, debian-devel-announce
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20040129/671fe6ac/attachment.bin
More information about the linux
mailing list