I've gotten this virus with a blank subject as well as a subject of random letters. As this code is actually part of my pre-download virus scanner, I'd rather see a virus spam and delete it by hand than accidently delete something that is not spam.
(the code auto-deletes messages)
>Michael:
>
>Just a heads-up, I received a few emails today with a ZIP attachment. The
>ZIP file contained a PIF file that included the virus.
>
>--
>Mosh Teitelbaum
>evoch, LLC
>Tel: (301) 942-5378
>Fax: (301) 933-3651
>Email: [EMAIL PROTECTED]
>WWW: http://www.evoch.com/
>
>-----Original Message-----
>From: Michael Dinowitz [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, January 27, 2004 2:30 PM
>To: CF-Talk
>Subject: Fast AV Code
>
>
>-- This was sent earlier but Earthlink is probably screwed up with the
>virus. If you see it again, that's why. --
>
>When we had the last virus outbreak, I wrote a fast piece of code that
>removed every instance of the virus from a persons mail box (it was part of
>my custom spam filter). I've done the same for this one as well.
>
><CFLOOP QUERY="qSpam">
><CFIF len(ATTACHMENTS) and (REFindNoCase('\.pif|\.scr|\.cmd|\.bat',
>attachments) OR REFindNoCase('^(hi|test|mail delivery
>system|status|hello|error|Mail Transaction Failed|Server Report|Message
>status from e-mail system|failure notice)$', subject))>
> <CFSET lDeleteUID=ListAppend(lDeleteUID, UID)>
></CFIF>
></CFLOOP>
>
>Basically, I want to kill every message with an attachment of pif, scr, cmd
>or bat. Additionally, if the message has an attachment and a specific
>subject, I want that deleted as well. It's not foolproof (my full version
>makes sure eml attachments are never deleted) but will work for most people.
>Personally, 1/4 of my normal mail and over 1/2 of my admin mail has been
>this virus.
>My personal recomendation are to either:
>1. Get iMS with the built in Prism AV scanner
>2. Get a third party AV scanner for your mail system
>3. Write your own cleaner
>
>Fun. :)
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
