On Mon, Sep 06, 2004 at 08:00:04PM +0100, Obantec Support wrote:
the e-mail's contain an attachment W32(_dot_)Netsky(_dot_)Z(_at_)mm in the
or other random .zm9 files.
Since the message always seems to be the same would it be safe to simple
write a rule to drop messages with this body? if yes a little help with the
rule would be nice.
Well, sure, as long as you don't think you're going to miss anything
coming in that's not a virus but says "Important document!"
TRASH = /var/tmp/probably_netsky
:0 B D # case-sensitive to avoid false positives, hence the 'D' flag
* ()\<Important document!
I am looking into a virus scanner for the server and would also appreciate a
little input. OS is RH6.2 (old i know but no way to upgrade at this time.)
Well, this is a good time to announce, then, that I updated Virus Snaggers(tm)
to ver. 2.1 effective yesterday. See link in my .sig.
[ Virus Snaggers ver. 2.10 now up at <http://vsnag.spamless.us/> ]
procmail mailing list Procmail homepage: http://www.procmail.org/