>Date: Thu, 26 Aug 2004 15:33:36 +0200
>To: exim-users@???
>From: "R.B. (Rick)" <black.hawk@???>
>Subject: [exim] ACL for some bounce msgs
>
>my problem now is block those bounce messages coming from mailing
>system that catch emails with virus that have forged sender... in
>this way my users get a virus notify and every time call me worried
>about that...arg
>
>what do you think abount create an ACL to block msgs wit the
>sender <> and that contains the word virus in subject or in the
>body? Should work?
>
>Any better solution?
As an alternative, you might consider using exim + exiscan
+ SpamAssassin. Make sure you use Tim Jackson's excellent
bogus-virus-warnings.cf SpamAssassin rules file. This is available
from:
http://www.timj.co.uk/linux/bogus-virus-warnings.cf
and will flag virtually all these bogus reports as spam. For
example here's what it produced for a recent MailScanner report:
Subject: ++SPAM++ {VIRUS?} Mail delivery failed
: returning message to sender
X-Spam-Score: 36.6 (++++++++++++++++++++++++++++++++++++)
X-Spam-Flag: YES
X-Spam-Report: 36.6/6.0
---- Start SpamAssassin results
* 20 VIRUS_WARNING66 Unhelpful 'virus warning' (66)
* 20 VIRUS_WARNING1 Unhelpful 'virus warning' (1)
* -4.9 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
* [score: 0.0013]
* 1.5 VIRUS_WARNING250 BODY: Some kind of MailScanner notification? (250)
---- End SpamAssassin results
Have a look at:
http://www.rulesemporium.com/
for other useful SpamAssassin rules.