[vox-tech] the answer to all my virus problems

dylan vox-tech@lists.lugod.org
Sun, 21 Sep 2003 12:03:11 -0800 

thanks pete, i will take a look...

so far i have been able to dig up the following sites:

http://www.exim.org/exim-html-3.20/doc/html/filter_toc.html

http://colondot.net/mbm/mailfilter.shtml

i will have to spend some time reading these before i am able to make sense
of them...

i tried a simple filter of my own design... however, all of my mail was
getting stuck on the server... and had to use 'exim -qff -v' to get it back!

dylan

on 03.9.21 10:32 AM, p@dirac.org at p@dirac.org was reported to have writen:

> hi dylan,
> 
> the short answer (as in "i want these virus messages to stop RIGHT
> NOW!") would be to use the procmail filter i posted.
> 
> now, about a better solution.  the postfix way of doing it is all over
> the net.  exim seems a bit tougher.  that said, i find it excruciatingly
> hard to believe that a popular MTA like exim would have such a gaping
> hole in functionality.
> 
> i found this:
> 
> http://www.concretecow.com/denny/content/?article=2
> 
> but have not gotten it to work yet (there is a bit of a confusion what
> the "name" of this computer is, for reasons that are longer than they
> are interesting.  that could be messing things up).
> 
> hope that helps.  if you figure this out one way or the other, i'd
> appreciate it if you could post your results!
> 
> pete
> 
> 
> On Sun 21 Sep 03, 11:29 AM, dylan <dylan@iici.no-ip.org> said:
>> have been lurking for the past few days paying close attention to this
>> thread.... however, has anyone figured out how to reject these kind of
>> messages at the door with EXIM ?
>> 
>> i am using a combination of exim and courier (Maildir delivery), and was
>> wondering if it would be possible to drop these messages with my
>> configuration.
>> 
>> also, is there any good way to strip HTML from email messages with exim?
>> right now, i am running all messages through the a hack of a filter written
>> in AWK. it removes a lot of the HTML, however, i can't use something like:
>> 
>> awk '
>> {gsub(/</?[^>]*>/,"\n")}
>> {print}
>> '
>> ...because it mangles some important parts of the actualy messages, such as
>> the TO and FROM headers....
>> 
>> any ideas for an EXIM user who is tired of these stupid email viruses
>> wasting my time.
>> 
>> 
>> thanks in advance,
>> 
>> dylan
>> 
>> 
>> 
>> 
>> on 03.9.20 4:44 PM, Rod Roark at rod@sunsetsystems.com was reported to have
>> writen:
>> 
>>> On Saturday 20 September 2003 04:24 pm, Rod Roark wrote:
>>>> On Saturday 20 September 2003 02:56 pm, p@dirac.org wrote:
>>>>> roland smith, whom i met while googling shared a *wonderful* procmail
>>>>> recipe that catches windows viruses.
>>>> [snip]
>>>> 
>>>> Cool.  I wonder if there's an easy way to get Postfix to
>>>> notice these attachments at the front door, and drop the
>>>> connection before all 150K or whatever have been received.
>>> 
>>> Bwahahahaha!  I found it!  From this Slashdot posting:
>>> 
>>> http://slashdot.org/comments.pl?sid=79337&cid=7013891
>>> 
>>> and your email, I deduced to create a file
>>> /etc/postfix/rods_body_checks containing the following:
>>> 
>>> /^TVqQAAMAAAAEAAAA\/\/8AALg/ REJECT Emails containing Microsoft executables
>>> are prohibited from this server.
>>> 
>>> and to add this line to my Postfix configuration file
>>> (main.cf):
>>> 
>>> body_checks=pcre:/etc/postfix/rods_body_checks
>>> 
>>> It seems to work.  :-)
>>> 
>>> -- Rod
>>> http://www.sunsetsystems.com/
>>> 
>>> _______________________________________________
>>> vox-tech mailing list
>>> vox-tech@lists.lugod.org
>>> http://lists.lugod.org/mailman/listinfo/vox-tech
>>> 
>> 
>> 
>> 
>> 
>> 
>> -- 
>> "The world is a dangerous place to live; not because of the people who are
>> evil, but because of the people who don't do anything about it."
>> -Albert Einstein
>> 
>> _______________________________________________
>> vox-tech mailing list
>> vox-tech@lists.lugod.org
>> http://lists.lugod.org/mailman/listinfo/vox-tech





-- 
"The world is a dangerous place to live; not because of the people who are
evil, but because of the people who don't do anything about it."
-Albert Einstein