On (01/10/03 21:23), Chris Tillman wrote: > On Wed, Oct 01, 2003 at 07:12:26PM -0700, Zach Archer wrote: > > Hi. I started receiving a whole lot of spam last night, shortly after > > subscribing and posting to this newsgroup for the first time. I'm not > > sure which brand of net-annoyant it is, but I'm receiving a lot of > > messages with big .exe files attached (funny that I can't open these > > in my macintosh household) > > > > A lot of these say things like "New critical update" from "Microsoft" > > (obviously neither is true) > > http://www.microsoft.com/security/antivirus/authenticate_mail.asp for info > > > > I'm hoping one of you can take corrective action to kill this virus, > > because my mailbox filled to capacity today and started bouncing > > messages back to people >:( > > I got sick of this too, and installed a little perl script > called popfilter, from web.iscali.it . It took a little while > to get going, but does the job nicely. The nice thing is you > don't have to download the message (with the damn attachment), > it deletes remotely. > > Here's a .email_blacklist I've used to get most of these bastards: > > 20031001 =>Microsoft<= =>. > 20031001 =>Client<= =>. > 20031001 =>User<= =>. > 20031001 =>Partner<= =>. > 20031001 =>Consumer<= =>. > 20031001 =>Customer<= =>. > 20031001 =>.<= =>Internet > 20031001 =>.<= =>Critical > 20031001 =>.<= =>Security > 20031001 =>.<= =>Microsoft > > I'm planning to set this up in a cron job, because otherwise my > mailbox fills up as you said. I also gave my ISP an earfull for > not affering any server side solutions.
Hi Chris There has been a long running thread on debian-user on these W32/Swen virus emails and many different solutions proposed. I tried mailfilter but was concerned that it might delete stuff from the server that I wanted. So having reconfigured my mail system from using getmail to fetchmail I was intending to use procmail and spamassassin. However, popfilter looks worth a try - so thanks for this ;) For everyone else, I would recommend a look at the debian-user archives - search separately on "mail bombs" "swen" "spam" and "virus". There is hours of interesting reading ;) HTH Clive -- http://www.clivemenzies.co.uk strategies for business
