> We're being hit by MS security update emails. I know they're > not spam, > but rather more accurately described as virii or worms. > > However, I'm wondering if anyone has a good rule that will mark these?
That's a good question. I got a few of those yesterday (day before?), too. I was freaking out trying to figure out how they got through until I remembered that they were over the 256K size limit for e-mails and bypassed SA. :) Most people who've had these pass through SA have suggested upping the score for e-mails with executables attached. Can't remember the exact rule. Try searching the list archives. The discussions occurred yesterday. Good luck. -Joe K. ------------------------------------------------------- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
