--
On Thu, Oct 23, 2003 at 10:27:42PM +0200, Konstantin Kletschke wrote:
> The MS Worms are driving me nuts and I migrated from 3.3.1 to 4.24 on a
> debian with a rather sophisticated mysql setup :)
I'm presuming you installed exim4-daemon-heavy?
> Now I wonder how to setup y system wide exim4 filder, which kills all
> mails, which look like a worm or virus or even with an attached *exe.
Well, the easiest way, in my mind, would be to install clamav and use
exiscan-acl (already built into exim4-daemon-heavy) to reject anything clamav
thinks is suspect. This would be done at SMTP time and while it would not
protect your bandwidth it most certainly would be system-wide and includes
sensible responses to the infected message. There is an excellent tutorial on
how to get the two to work off of exiscan-acl's page. It is geared towards
RPMs but frankly after installing clamav with aptitude all I needed it for was
the ACL rules to place into /etc/exim4/conf.d/acl and /etc/exim4/conf.d/main.
--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------
--
Content-Description: Digital signature
[ signature.asc of type application/pgp-signature deleted ]
--
