hi all,
that's true, every one should have an virus-scanner... I don't receive
such emails too, so I've not noticed the Problem.
But the other point is, it is simple to block ip and domain-name
spoofing on the mailserver...
A simple (incomplete) example from postfix:
smtpd_helo_restrictions =
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
For sure, to prevent SPAM and virus this is not enough and more could be
done, check RFC conformity, reject RBL clients, like install/use
antispamd, use a simple and free virus scanner (like clamav),...
But preventing spoofing could already catch a lot of trash...
I'm not familiar with mailing list programs, but in case you use postfix
and need help feel free to contact me off-list.
Best regards,
Claudio
--
Working on OpenWrt CC for Xmodus GSM Router XM1710E
<http://www.xmodus-systems.de/openwrt>
On 25.03.2015 10:52, Mikey van der Worp wrote:
To follow up,
True that, just a heads up for the people who do not have any virus
scanners in their network. J
Mikey
*Van:*List [mailto:[email protected]] *Namens *Moshe Katz
*Verzonden:* dinsdag 24 maart 2015 16:57
*Aan:* pfSense Support and Discussion Mailing List
*Onderwerp:* Re: [pfSense] FW: Virus Detected
It looks like someone spoofed a message that it claims came from the
server itself (though it actually came from another server in Denmark
(87.104.0.8)).
Someone who has access to the mailing list server could likely pull
out the original message's full headers and file an abuse report with
the ISP, but I doubt that it'll make any difference. Just ignore the
message. Your virus scanner did catch it, after all.
Moshe
--
Moshe Katz
-- [email protected] <mailto:[email protected]>
-- +1(301)867-3732
On Tue, Mar 24, 2015 at 6:09 AM, Mikey van der Worp
<[email protected] <mailto:[email protected]>> wrote:
Em?
Why is this list sending me viruses?
Please be advised for e-mail with the following headers below...
Mikey
-----Oorspronkelijk bericht-----
Van: MailScanner [mailto:[email protected]
<mailto:[email protected]>]
Verzonden: dinsdag 24 maart 2015 11:08
Aan: [email protected] <mailto:[email protected]>
Onderwerp: Virus Detected
The following e-mails were found to have: Virus Detected
Sender: [email protected]
<mailto:[email protected]> IP Address: 208.123.73.78
Recipient: [email protected] <mailto:[email protected]>
Subject: [pfSense] Message could not be delivered
MessageID: 17C4E62EF0.ACDCC
Quarantine:
Report: Clamd: message was infected: Worm.Mydoom.M-unp
Report: Clamd: message.com <http://message.com> was infected:
Worm.Mydoom.M-unp
Full headers are:
Received: from lists.pfsense.org <http://lists.pfsense.org>
(lists.pfsense.org <http://lists.pfsense.org> [208.123.73.78])
by mail.utelisys.nl <http://mail.utelisys.nl> (Postfix) with
ESMTP id 17C4E62EF0
for <[email protected] <mailto:[email protected]>>; Tue,
24 Mar 2015 11:08:28 +0100 (CET)
Received: from localhost.my.domain (localhost [127.0.0.1])
by lists.pfsense.org <http://lists.pfsense.org> (Postfix) with
ESMTP id BF73AEB2E7;
Tue, 24 Mar 2015 05:11:22 -0500 (CDT)
Received: from lists.pfsense.org <http://lists.pfsense.org>
(exchange.kajmadsen.dk <http://exchange.kajmadsen.dk> [87.104.0.8])
by lists.pfsense.org <http://lists.pfsense.org> (Postfix) with ESMTP
id 93503EB2E2
for <[email protected] <mailto:[email protected]>>; Tue,
24 Mar 2015 05:11:17 -0500 (CDT)
From: "MAILER-DAEMON" <[email protected]
<mailto:[email protected]>>
To: [email protected] <mailto:[email protected]>
Date: Tue, 24 Mar 2015 11:08:15 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0003_E64740E7.04F4C9BF"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Subject: [pfSense] Message could not be delivered
X-BeenThere: [email protected] <mailto:[email protected]>
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: pfSense Support and Discussion Mailing List
<[email protected] <mailto:[email protected]>>
List-Id: pfSense Support and Discussion Mailing List
<list.lists.pfsense.org <http://list.lists.pfsense.org>>
List-Unsubscribe: <https://lists.pfsense.org/mailman/options/list>,
<mailto:[email protected]
<mailto:[email protected]>?subject=unsubscribe>
List-Archive: <http://lists.pfsense.org/pipermail/list/>
List-Post: <mailto:[email protected]
<mailto:[email protected]>>
List-Help: <mailto:[email protected]
<mailto:[email protected]>?subject=help>
List-Subscribe: <https://lists.pfsense.org/mailman/listinfo/list>,
<mailto:[email protected]
<mailto:[email protected]>?subject=subscribe>
Errors-To: [email protected]
<mailto:[email protected]>
Sender: "List" <[email protected]
<mailto:[email protected]>>
Message-Id: <[email protected]
<mailto:[email protected]>>
--
MailScanner
Email Virus Scanner
www.mailscanner.info <http://www.mailscanner.info>
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
