Recently my inbox gets flooded with several long E-mail messages created by
the Sobig virus.
They have such contents that it should be easy to filter most of them out
by means of procmail.
Before I invest time in the subject, I'd like to know if anyone already
developed a procmail recipe for this
Before I invest time in the subject, I'd like to know if anyone
already developed a procmail recipe for this virus, based upon the
Google for it; I saw such a recipe mentioned in several places.
--
Muli Ben-Yehuda
http://www.mulix.org
pgp0.pgp
Description: PGP signature
On Thu, Aug 21, 2003, Muli Ben-Yehuda wrote about Re: Procmail recipe for filtering
Sobig-originated E-mail?:
Before I invest time in the subject, I'd like to know if anyone
already developed a procmail recipe for this virus, based upon the
Google for it; I saw such a recipe mentioned
Thanks to everyone who yelled RTFM, in the most polite way possible.
I googled and upgraded my .procmailrc file.
The rule which I added is:
:O
* 99000
* 12
* ^Content-Type:.*multipart/mixed;
{
:O B
* ^See the attached file for details
* ^Content-Transfer-Encoding: base64
On Thu, Aug 21, 2003, Omer Zak wrote about Re: Procmail recipe for filtering
Sobig-originated E-mail?:
For me, as for now, the big problem is not the bounces but the virus
E-mails themselves.
Oh... Since I have an virtually infinite mailbox (hard disks now cost
about $1-$2 per GB...), I
On Thursday 21 August 2003 18:19, Nadav Har'El wrote:
Interesting how viruses got bloated ;)
A relevant quote:
Windows is NOT a virus: a virus is small and efficient.
--Jonathan Leffler, Informix
--
Oron Peled Voice/Fax:
Notice that filtering based on the subject opens the possibility for
false-positive, since a possible innocent mail might include in it's
body the sentence See the attached file... (and, it's not that far
fetched).
I think it's even better filtering via your SMTP server, if you have
one. It
On Thu, Aug 21, 2003, Boaz Rymland wrote about Re: Procmail recipe for filtering
Sobig-originated E-mail?:
Notice that filtering based on the subject opens the possibility for
false-positive, since a possible innocent mail might include in it's
body the sentence See the attached file