At 09:27 04/05/2000 -0700, you wrote:
>What seems to be the 'final verdict', or best guess to deal with this? I
>don't think those of us with limited exim skills need to be testing on live
>servers for this, nor would I like to spend a couple hours reading
-- begin of filter --
# Exim filter
# ILOVEYOU Virus Filter
if ((($message_body CONTAINS "name=LOVE-LETTER-FOR-YOU.TXT.vbs" or
$message_body CONTAINS "begin 600 LOVE-LETTER-FOR-YOU.TXT.vbs") and
$message_body CONTAINS "kindly check the attached LOVELETTER coming
from me.") and
$header_subject IS "ILOVEYOU") and not error_message then
logfile /var/spool/exim/log/filter_log
logwrite "$tod_log $message_id \
$sender_address ($sender_host_name[$sender_host_address]) \
=> $recipients (recipients=$recipients_count) \
subject=$header_subject"
fail text "This message possibly contains the VBS.LoveLetter.A (ILOVEYOU) \
virus, please use the newest antivirus packages to check that \
your system is clean. For further information on this virus, \
please read: \n \
http://www.sarc.com/avcenter/venc/data/vbs.loveletter.a.html\n \
http://www.datafellows.com/v-descs/love.htm\n\n \
Thank You"
seen finish
endif
-- end of filter --
Enjoy.
A.
- The Andromeda HTML Workshop -
http://www.htmlworkshop.com/
Home of Search & Replace 98
