Postfix Users on PLUG, and on PH-ISP (sorry for cross posts), >From the postfix users mailing list.. Header filters to stop the virus: ========================================= Well so far, I'm up to: /^Subject:\s+.*ILOVEYOU/ REJECT /^Subject:\s+.*I\s+Love\s+You/ REJECT /^Subject:\s+.*fwd:\s+Joke/ REJECT /^Subject:\s+.*Susitikim\s+shi\s+vakara\s+kavos\s+puodukui.../ REJECT /^Subject:\s+.*Mother's\s+Day\s+Order\s+Confirmation/ REJECT /^Subject:\s+.*Dangerous\s+Virus\s+Warning/ REJECT /^Subject:\s+.*VIRUS\s+ALERT!+/ REJECT I'll keep addin' 'em as I have to. I *wish* I could get away with: "/^X-(Mailer|Newsreader):\s+Microsoft\s+(Outlook|Internet Mail)/ REJECT" "/^X-MimeOLE: Produced By Microsoft MimeOLE/ REJECT" Gee, maybe I'll do this at home. Just on General Principles :-). > > Folks, header filtering is no solution to this kind of > viruses. I don't think anybody here seriously believes it is. But until something better comes along: we must needs do what we can with the tools we have at-hand. > > It's plain luck that the viruses currently floating around > can be (more or less) efficiently blocked with this > method. I wouldn't count on this luck to continue, but > rather start looking for real solutions for the underlying > problems. Banishing Microsoft "solutions", turning its Redmond campus into a smoking crater, and committing to to a life at hard labor the people responsible for the results of their irresponsible efforts to enslave the computing world through careless over-integration might do it :-). (As regards banishing M$ solutions: As of Thursday I happily eradicated the last copy of LookOut! at the corporate division where I physically reside. I'm working on the rest of the divisions. Since the company is currently working on standardizing applications: this worm/trojan came just in time :-).) > > Additionally, you may wish to notice that viruses and > simplistic anti-viral filters are currently "using up" > quite a few subject headers, including ones which may > quite well occur with legitimate messages - "fwd: Joke" is > the obvious candidate for this category. As for me, personally: I find this whole thing tremendously amusing. Then again: I'm using a Real Computer [tm]. So, again personally: my family doesn't have to worry about this thing. As far as the office: tho it may sound humorless, facist and Draconian: my lusers don't need to receive this kind of non-business e-mail anyway. (Some of the above was tongue-in-cheek. Some completely serious. I leave as an exercise for the reader determining which was which.) Regards, Jim -- Jim Seymour | PGP Public Key available at: [EMAIL PROTECTED] | http://www.cam.ac.uk.pgp.net/pgpnet/wwwkeys.html http://home.msen.com/~jimsun | http://www.trustcenter.de/cgi-bin/SearchCert.cgi ------------------------------------------------------- - Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
