The latest (windows) one is kliez.h or some such. I had an infection
from it in a computer (not mine) last week. It is a tough one if you donot
have virus software installed that detects it. It will not allow you to
install virus software if it infects the computer. It took me 4 hours of
making
> I would not be interested in putting in rules for catching every pissant
> windows virus out there, however, if there were a provided set of rules
> (i.e. in a contrib section or similar) that would catch the
> headline-making-windows-worms stuff, that would be a great improvement.
> (I underst
I'm a Mac user, so I presume a virus-checker wouldn't find the Windows viruses.
I'm getting enough Klezes that just the sheer volume is a nuisance.
There are a lot of virii that use the same basic vector: using
to launch the attachment as soon as the message is viewed.
Thus, looking fo
On Sat, 4 May 2002, LuKreme wrote:
>
>
> > I added my own rule to check the message body (no mime-parsing)
> > instead of the Content-Type: header since klez usually comes as an
> > attachment :
>
> That looks pretty nice. Can procmail do that as well?
Of course. See for example
ht
SpamAssassin does not do virus checking for one simple reason:
it would be horrendously innefficient at it. Virus checking vs Spam checking is
analogous to the different between cmp and diff. One is looking at the
bit-level (more or less), while the other is looking for much higher-order
patter
> I added my own rule to check the message body (no mime-parsing)
> instead of the Content-Type: header since klez usually comes as an
> attachment :
That looks pretty nice. Can procmail do that as well? (Never used
procmail except to trigger SA).
If so, that would solve the problem for me as
On Sat, May 04, 2002 at 09:25:09AM -0500, Nathan Neulinger wrote:
| > > If you want to filter these, try something that's designed
| > > for the purpose.
| >
| > Correction: "If you want to filter [viruses], try something
| > that's designed for the purpose."
| >
| > I feel that a rule to catch
On Sat, May 04, 2002 at 09:17:14AM -0700, Bart Schaefer wrote:
| On Sat, 4 May 2002, LuKreme wrote:
|
| > Still, it seems that Spamassassin is already running a lot of checks and
| > having a application/octet-stream or a check for attachment types would
| > be trivial to add.
|
| I get applicat
On Sat, 4 May 2002, LuKreme wrote:
> Still, it seems that Spamassassin is already running a lot of checks and
> having a application/octet-stream or a check for attachment types would
> be trivial to add.
I get application/octet-stream attachments all the time that are comletely
innocent. Often
On Sat, 4 May 2002, Nathan Neulinger wrote:
> I personally couldn't care less about doing generalized virus scanning.
>
> I am however concerned about the constant load on my mail server dealing
> with the worm traffic from these klez/melissa/hybrid/etc. infections.
>
> I would not be intereste
On Saturday, May 4, 2002, at 02:26 AM, Daniel Pittman wrote:
> On Sat, 4 May 2002, LuKreme wrote:
>> OK, I know SA is not an anti virus tool, and frankly I don't care
>> about viruses anyway, but I am getting a lot of exe file attachements
>> the last day or two
>
> [...]
>
>> I was surprised th
> > If you want to filter these, try something that's designed
> > for the purpose.
>
> Correction: "If you want to filter [viruses], try something
> that's designed for the purpose."
>
> I feel that a rule to catch .exe attachments would be great.
> However, if this gets taken as far as blockin
[EMAIL PROTECTED]
> Subject: Re: [SAtalk] Re: Ick Viruses!
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Saturday 04 May 2002 03:26 am, Daniel Pittman wrote:
> > On Sat, 4 May 2002, LuKreme wrote:
> > > OK, I know SA is not an anti virus tool, and frankl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 04 May 2002 03:26 am, Daniel Pittman wrote:
> On Sat, 4 May 2002, LuKreme wrote:
> > OK, I know SA is not an anti virus tool, and frankly I
> > don't care about viruses anyway, but I am getting a lot of
> > exe file attachements the last d
On Sat, 4 May 2002, LuKreme wrote:
> OK, I know SA is not an anti virus tool, and frankly I don't care
> about viruses anyway, but I am getting a lot of exe file attachements
> the last day or two
[...]
> I was surprised there wasn't a .exe rule or a application/octet-stream
> rule.
Those two s
15 matches
Mail list logo
