Re: [Exim] system wide filter for detect virus

Pàgina inicial
Delete this message
Reply to this message
Autor: Marc MERLIN
Data:  
A: Andrey Chernomyrdin
CC: exim-users
Assumpte: Re: [Exim] system wide filter for detect virus
On Thu, Apr 05, 2001 at 09:22:47PM +0400, Andrey Chernomyrdin wrote:
> Hi!
>
> I write some new rules for detecting viruses in incoming mail (attached).
> I use it 3 month together with ftp://ftp.exim.org/pub/filter/system_filter.exim
> This rules insert before testing incoming mail for Generic Windows
> Executable files in attachment.


Thanks for filter and sharing it with us, but I gotta ask: what's in those
viruses that is harmful but not detected by the generic filter?

Isn't there a more generic way to block those without having lots of entries
and lines of code for each virus (I especially dislike those because they
only help after the fact, after the virus has spread, and after you would
have needed it)

Do you have a copy of those viruses on some ftp site or web page so that we
can look at them and see what's unique about them?

Thanks,
Marc
-- 
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking


Home page: http://marc.merlins.org/ | Finger marc_f@??? for PGP key