[vox-tech] Virus deluge

[Rod Roark]

I just created and installed a Postfix remedy for the latest
MS malware outbreak, and thought I'd pass it on.  I'm seeing
a VERY high rate of connections from machines infected with
this stuff.

In main.cf, insert this:

body_checks=pcre:/etc/postfix/virus_body_checks

Create a file virus_body_checks containing this:

/^TVqQAAMAAAAEAAAA\/\/8AALg/ REJECT Emails with Microsoft executable attachments are not allowed here.
/^UEsDBAoAAAAAA...OzDKJx\+eAFgAAABYAA/ REJECT Attached zip file appears to contain a virus.

If anyone has an improved solution, let me know, but this
seems to work.

-- Rod