He's right. You might want to implement a postfix-amavisdnew-clamav-spamassassin setup.
clamav - antivirus spamassassin - antispam amavisd-new - makes the 2 softwares above work seamlessly with postfix The virus - Worm.SCO.A/MyDoom/Novarg will start its DoS attack on feb.1. You'd better update your firewall as well. You can use this for iptables to avoid DoS: ###### Syn-flood chain ####################################################### $IPTABLES -N syn-flood $IPTABLES -A syn-flood -i eth0 -m limit --limit 75/s --limit-burst 100 -j RETURN $IPTABLES -A syn-flood -i eth1 -j RETURN $IPTABLES -A syn-flood -j DROP $IPTABLES -A INPUT -i eth0 -p tcp --syn -j syn-flood $IPTABLES -A INPUT -i eth1 -p tcp --syn -j syn-flood eth0 is your ethernet card facing the internet eth1 is your intranet or local ethernet card Hope that helps. Good luck! Cheers, fritz <www.mesedilla.com> --- + Basta Ikaw Lord -----Original Message----- From: Reynald I. Ngo [mailto:[EMAIL PROTECTED] Sent: Thursday, January 29, 2004 12:18 PM To: 'Philippine Linux Users Group Mailing List' Subject: RE: [plug] Postfix Problem Hi, Please read sample-regexp-body.cf. You may want to implement AV integration with your postfix. See Amavis. Regards, Reynald I. Ngo =========[Disclaimer]=================================================== The information in this email is for the designated recipient(s) only and may contain privileged, proprietary, or otherwise private information. If you received this in error, please notify the sender immediately and delete this email ASAP. Any other use of content of this email by you is prohibited. ======================================================================== -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vortex Bacolod Sent: Thursday, January 29, 2004 12:03 PM To: [EMAIL PROTECTED] Subject: [plug] Postfix Problem Hi pluggers, Any Postfix gurus here? I need help guys. My mail server keeps on receiving mails with subject HELLO, Test, Status, hello, and etc. Now, I wan to block those incoming mails with these subject. Some have even a zip file attachments. I think this is the MyDoom virus that is spreading around. How do i do that? I'm using RH 7.3. Help is badly needed thanks. Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie ---------------------------------------------------------------------- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender immediately by e-mail and delete this e-mail from your system. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Overture Media, Inc. Direct Line: (632) 635-4785 Trunkline: (632) 631-8971 Local 146 Fax: (632) 637-2206 Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave., Quezon City 1100 -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
