[NTLUG:Discuss] information about viruses

[JR Newsletters]

jeremyb at univista.com wrote:

> How are you testing the 'renattach' script?

I'm beyond the testing phase.  I've deployed the renattach script on my 
mailserver which is renaming all the attachments (and seems to also 
rename all of the hidden file names in an html message) when received.  
It is run by procmail.  Instructions are under 'man renattach' that show 
how you can renattach on a user by user basis, or globally on the entire 
machine.  It is very easy to use.

While my Linux machine is not susceptible to the trojans, I like being 
able to see what 'filenames' where stuck into some of my received 
E-mail.  But renattach has really shined for me when my wife receives 
her E-mail on her Windows E-mail machine.  She has gotten some of those 
virus E-mails, but fortunately all the malicious filenames have been 
changed to an .xxx extension, and windows just shows it as an attachment 
since it doesn't know how to run an .xxx file.  And it really helps that 
some of these filenames are hidden in the html E-mail messages (a lot of 
them using the Outlook Express Security Hole) where the names never show 
up, but again nothing executes since Windows doesn't know what to do 
with an .xxx file.