Re: [Exim] New Email Virus...

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Nigel Metheringham
Date:  
À: J C Lawrence
CC: Jeff Carnahan, exim-users
Sujet: Re: [Exim] New Email Virus...
OK folks... New filter is available
    ftp://ftp.exim.org/pub/filter/


or
    http://www.exim.org/system_filter.exim


Install/usage instructions are in the file.

The "active" test is:-
if ${length_80:$header_date:} is not $header_date:
then
  fail text "This message has been rejected because it has\n\
         \tan overlength date field which can be used\n\
         \tto subvert Microsoft mail programs\n\
             \tThe following URL has further information\n\
         \thttp://www.securityfocus.com/frames/?content=/templates/article.
html%3Fid%3D61"
  seen finish
endif


but my mail client line wraps, so be careful.
If you roll your own remember that this one will work if put in bounce
messages too!


The MD5 checksum of the whole filter is
dacb44e417ac0f494e62c32220cdd209 system_filter.exim

If someone can suggest a cleaner way to test for a string/header being
longer than n chars please let me know.

    Nigel.
-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]