anomy-list

Re: separating out viruses with useful payloads

From: Bob George (121292@xyz.molar.is)
Date: Thu 01 Apr 2004 - 01:58:18 GMT

  • Next message: Bob George: "annoying problem with sanitizer via procmail"

    Jon Gabrielson wrote:

    > Because of the large number of autogenerated viruses I have been
    > receiving, I'm thinking about setting up my mail server to block all
    > email containing viruses, but I am worried about legitimate mail with
    > viruses attached getting blocked.

    Do you get many valid messages with infected attachments? I can't say
    I've seen one like that in a LONG time...

    > Most of the recent viruses are self
    > generated and as far as I know do not attach themself to legitimate
    > outgoing mail.

    Now THOSE I've seen a ton of.

    > Does anyone know if there is a way to separate
    > autogenerated mail containing viruses and legitimate mail that has
    > a virus attached?

    Why not simply remove infected files from all emails? Do you have anomy
    sanitizer configured to use an external scanner?

    As to the messages themselves, a spam filtering tool should work against
    most with proper configuration. I'd still use sanitizer to zap/quaratine
    the attachments though.

    - Bob



    hosted by molar.is