It seems that the consensus is that I should just drop messages with these potantal virus attachments, instead of bouncing them or rejecting them at SMTP time. Currently, my exim's antivirus file looks like this:
if $message_body matches <a variety of rules...>
then
fail text "This message has been rejected because it has\n\
a potentially executable attachment $1\n\
This form of attachment has been used by\n\
recent viruses or other malware.\n\
If you meant to send this file then please\n\
package it up as a zip file and resend it."
seen finish
endifWhat do I use instead of "fail text"? Is the best option really just to /dev/null these messages? And if so, what command do I use?
Thanks again for all your help guys.
-Josh
PGP.sig
Description: This is a digitally signed message part
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
