[NTLUG:Discuss] Solution to virus scanning Mandrake 9.0
Rev. wRy
slot0k at pogox.org
Tue Jan 21 23:08:56 CST 2003
On Tue, 2003-01-21 at 23:03, Paul Ingendorf wrote:
> I've been a long time user of Amavis and now I find myself in the crapper with
> Mandrake 9.0 and perl 5.6. Apparently perl 5.6 redid things that amavis
> depends on and rather than trying to reinvent the wheel as the amavis group
> doesn't seem to be moving in the direction of fixing the code base I was
> wondering if the group might have suggestions on other products that work to
> scan incoming e-mails for viruses.
Um, procmail? My /etc/procmailrc looks like this:
SHELL=/bin/sh
MAILDIR=/var/spool/mail
LOGFILE=/var/log/procmail.log
:0 B
* ^Content-Type: (application|audio)
*
^.*name=.*\.(vb[esx]|jse?|ws[hf]|c[ho]m|bat|cmd|shb|hta|exe|lnk|pif|scr|shs)
/dev/null
:0
* ^(X-Spanska|From.*hahaha)
{
LOG="VIRUS "
:0
/dev/null
}
:0 B
* > 100000
* mDmcOaA5pDmoOaw5sDnAOeA56DnsOfA59Dn4Ofw5ADoEOgg6HDo8OkQ6SD
{
LOG="SirCam "
:0
/dev/null
}
While I'm probably very very lucky, this seems to catch most of the e-mail variety virii. What it doesn't get, the AV on the ms$ does. It's just nice to catch it before it gets that far. :)
Just my .02,
Ry
More information about the Discuss
mailing list