Re: [Exim] Blocking sobig.f

Top Page
Delete this message
Reply to this message
Author: Leonardo Boselli
Date:  
To: Jerry Bell, exim-users
Subject: Re: [Exim] Blocking sobig.f
Btw: even pl and tcl can be automatically executed ... !...

Il 20 Aug 2003 alle 10:50, Jerry Bell immise in rete:

> <snip>
> Another way I've found to very effectively block most all recent viruses
> is by blocking 'bad' attachments:
> deny  message = contains $found_extension file (blacklisted).
>      demime =
> ade:adp:bas:bat:chm:cmd:com:cpl:crt:exe:hlp:hta:inf:ins:isp:js:jse:lnk:mdb:mde:msc:msi:msp:mst:pcd:pif:reg:scr:sct:shs:shb:url:vb:vbe:vbs:wsc:wsf:wsh:ADE:ADP:BAS:BAT:CHM:CMD:COM:CPL:CRT:EXE:HLP:HTA:INF:INS:ISP:JS:JSE:LNK:MDB:MDE:MSC:MSI:MSP:MST:PCD:PIF:REG:SCR:SCT:SHS:SHB:URL:VB:VBE:VBS:WSC:WSF:WSH
> sensitive.  I don't have all permutations here, but upper and lower seem
> to catch most all of them.