[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: virus detectors addins?

On 2000-05-04 21:26:15 +0200, Tomaz Borstnar wrote:
> See http://www.wolfenet.com/~jhardin/procmail-security.html for procmail 
> based solution that works well - stops spreading of other viruses and trojans..

I second this.

It _could_ be possible to use zmsh to write mail filters, but I'm of the
opinion that the sole purpose of an MTA is to transfer mail, not screw
with it.  A mail filter such as procmail's sole purpose is to screw with
it ;)

Of course, this will only stop your users from receiving such crap, 
it won't stop them from sending it.  But that's why LARTs were invented :)

My only problem with such filtering is that depending on the
implementation, it'll have to be updated for each new exploit :-(

I'm personally using a procmailrc from Craig Johnston <caj@neosoft.com>
which is linked from http://starbase.neosoft.com/~claird/comp.mail.misc/procmail.html
This is a personal, not a system-wide, solution.  It takes the "Lars Wirzenius"
approach of accepting mail from people/lists you specify, then not
trusting anything else.  I don't think that'd be too useful though for
people using MS Windows-based email clients.