Hey all,
Want to get rid of all the s0big virus bounces? For those of you running
SpamAssassin, here are some rules to put in your
/etc/mail/spamassassin/local.cf file. Also there is a bit about procmail here
as well, but I'm sending the offenders to /dev/null ;-).
You can put the rules in your ~.spamassassin/user_prefs file, but you'd have
to turn on the ability to do this in the local.cf file anyway; plus the rules
would be recompiled for each email it processed, which is way too much
overhead. Also this is a security risk if spamd runs as root.
http://www.exit0.us/index.php/VirusBounceRules
Incidently, you'll notice that I'm purposely munging the virus name: the
rules assume that any mention of the virus in your incoming email is a bad
thing. If you're monitoring lists and expect such traffic, either whitelist
the addresses in your user_prefs file, or hunt down the appropriate rule and
change it.
If you want to block attachments (and therefore most viruses), see my earlier
email (I'm still looking for a comprehensive list of file extensions to
block).
-- Joey Kelly < Minister of the Gospel | Computer Networking Consultant > http://joeykelly.net "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." ___________________ Nolug mailing list nolug@nolug.orgReceived on 08/27/03
This archive was generated by hypermail 2.2.0 : 12/19/08 EST