[Exim] Bogus Anti-Virus Responses!

Author: Greg Folkert
Date:  
To: EximUser List
Subject: [Exim] Bogus Anti-Virus Responses!
--
I have been getting about twice the amount of Anti-Virus Notifications,
similar to this (but not REALLY this bad):

YOU ARE EVUL... and sent an E-MAIL with a MM.lookout.Xploit.oftheday to
joe.b.loser@??? We are telling you to update your virus
signatures and dis-infect all machines at your location. We are
monitoring *ALL* en-tar-net communications and find you guilty. <voice
type=evul-villian-russian-french-accent-with-a-slur
fontclass=UNICODE-blargh>Veee arr votchink yewww, veee halfff zee means
teww destroiy yeewww!</voice>

I am running exim v4.30 with exiscan, clam-av and spamassassin. All mail
is scanned in or out. Proud to be.

Well, the whole reason I am sending this, I stumbled across this URL for
POSTFIX Rules, which happens to have a URL for SpamAssassin Rules, which
was inspired by a posting Paul Vixie made on NANOG. Here they are:

POSTFIX rules:
http://www.t29.dk/antiantivirus.txt

SA .cf (of which I made mine 19_bogus-virus-warnings.cf in
/usr/share/spamassassin):
http://www.timj.co.uk/linux/bogus-virus-warnings.cf

Paul Vixie's NANOG posting:
http://www.merit.edu/mail.archives/nanog/2004-01/msg00821.html

Rejecting at SMTP time sure is Nice!!! Saves TONS and TONS of bandwidth.
Helps us realize that auto-anti-virus responders (spammers) are the
penultimate example of EVUL!

Link for follow up on the last paragraph about av-spammers:
http://www.attrition.org/security/rant/av-spammers.html

Hope this helps.
--
greg@???
REMEMBER ED CURRY! http://www.iwethey.org/ed_curry
--
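Added example, not part of the original message and not taken from the linked rule files: a small Python sketch of how SpamAssassin-style weighted rules can flag an automated anti-virus notification and turn the score into an SMTP-time verdict. The rule names, patterns, scores, threshold and sample messages are all constructed for illustration.

```python
import re
from email import message_from_string

# Constructed SpamAssassin-style rules: (name, header or "body", regex, score).
# Illustrative patterns only, not copied from the rule files linked above.
RULES = [
    ("AV_SUBJ", "Subject",
     re.compile(r"virus (found|detected|alert)|infected (message|mail)", re.I), 2.5),
    ("AV_FROM", "From",
     re.compile(r"antivirus|virus-?scan|amavis|mailsweeper", re.I), 1.5),
    ("AV_BODY", "body",
     re.compile(r"(message|e-?mail) you sent .{0,60}(contain|infected)", re.I | re.S), 2.0),
    ("AV_ADVICE", "body",
     re.compile(r"update your (anti-?)?virus", re.I), 1.5),
]
REJECT_AT = 5.0  # assumed threshold; one hit alone never reaches it

def score(raw):
    """Return (total_score, [names of rules that matched])."""
    msg = message_from_string(raw)
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")
    hits = []
    for name, where, rx, pts in RULES:
        text = body if where == "body" else msg.get(where, "")
        if rx.search(text):
            hits.append((name, pts))
    return sum(p for _, p in hits), [n for n, _ in hits]

def smtp_verdict(raw):
    """Map the score to the reply given after DATA, before the mail is accepted."""
    total, hits = score(raw)
    if total >= REJECT_AT:
        return "550 Unsolicited anti-virus notification (%s)" % ",".join(hits)
    return "250 OK"

# Constructed sample messages.
BOGUS = ("From: MailSweeper <antivirus@mail.example.net>\n"
         "To: user@example.org\n"
         "Subject: Virus detected in mail you sent\n\n"
         "The message you sent to joe@example.com contained a virus.\n"
         "Please update your virus signatures.\n")
NORMAL = ("From: Alice <alice@example.org>\n"
          "To: user@example.org\n"
          "Subject: Virus alert policy for next quarter\n\n"
          "Can we review how the gateway handles infected attachments?\n")

if __name__ == "__main__":
    for label, raw in (("bogus", BOGUS), ("normal", NORMAL)):
        print(label, score(raw), smtp_verdict(raw))
```

The second sample matches one subject rule but stays under the threshold, which is why the scores are additive rather than a single keyword match.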