[unisog] Sendmail Filter for Sircam
jose at biocserver.BIOC.cwru.edu
Tue Jul 31 16:07:08 GMT 2001
On Tue, 31 Jul 2001, David Lundy wrote:
> I am getting a lot of Sircam infected email. Our email gateway is
> sendmail, but we have no filtering in place. Does anyone have a
> pointer to a milter for Sircam or information on filtering for this or
> other rogue email?
the generic procmail sanitizer will prevent infection by defanging the
double extensions (ie .doc.exe). you can easily tweak it to sync on the
message body and kill it on the basis of that.
enjoy. almost no tweaking to the sendmail setup, maybe a change of Mprog
to procmail ...
hope this helps.
jose nazario jose at cwru.edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
More information about the unisog