One solution is to use spamassassin, and in your ~/.spamassassin/user_prefs, do the following:
score MICROSOFT_EXECUTABLE 6 Or whatever number you need to get over the default threshold. Effectively any mail with an identified .exe attachment would gain a bonus of +6 in spamassasin (in my case I have my threshold set to 5.5, so this instantly makes it spam unless something else reduces the score). Of course, this only catches the ones with .exe attachements, though I imagine a simply procmail rule to filter on the body of the mail or subject would suffice for those rules that sneak through this work around. Good luck! Josh Eckhard Hoeffner ([EMAIL PROTECTED]) wrote: > * Ted Roby <[EMAIL PROTECTED]> [22 09 03 20:56]: > > >My secalert account for these lists is being drenched with 40 to 70 of > >these fake Microsoft Update emails per day. > >My filters on my client dump them to a Junk folder, but I would prefer > >it if my Exim filter would do the job at the server level instead. I am > >running Nigel Metheringham's system_filter.exim. > > I am looking for a same solution. However, I am getting 40 to 70 of such > mails within 2 hours. There should be a possibility with > exim-4.1, but > nothing for exim-3.X > > > >The single part MIME filter doesn't seem to catch it though. What are > >others on this list using or doing to blatently block this stuff? There > >is no valid .exe I could receive, ever. > > I am suffering (and also using nothing). > > > -- > Eckhard H?ffner FiFo Ost GbR > Tal 44 > D-80331 M?nchen > Tel. +49-89-21 03 18 88 Fax. +49-89-21 03 18 90 > http://www.fifoost.org > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >