> > I have recently deployed a freeware procmail script that does a very
good
> > job filtering out various forms or malicious mail. So far it has caught
all
> > the ILOVEYOU mail and a few of the variants we have seen. Since I use
QMail
> > on my own machine, can procmail scripts be used with QMail? Most of the
> > script uses some well crafted PERL code, so if not, it could probably be
> > shoe-horned into a form that QMail will utilize. Any suggestions?
>
> You are better off using something like scan4virus at the queue level.
> http://www.geocities.com/jhaar/scan4virus/
>
> While it is probably not advised, I am using it without the QMAILQUEUE
> patch. Instead, the scan4virus program receives the mail, scans it, then
> passes it to my renamed qmail-queue program.
>
> Right now I deny all .vbs attachments. Yes, this is rather draconian and
> there might be a 1 in 100,000,000,000,000 chance that someone really needs
> to send a .vbs attachment. Those are the breaks...
Thanks Pat...
That was the point I was trying to get across yesterday... It can be
renamed and sent through over and over so why not filter all .vbs
attachments? I tried to emphasize the point that non tech uses are killing
us with their carelessness so we have to protect them from vbs scripts in
order to protect ourselves.
On the same note I carried it through to all exe files as well. If they
need to be sent by good users- What's the big deal in changing the
extension to .exx? Bad guys will send an exe and hope it is run on double
click while an exx.obviously won't till the end user changes the extension
back to .exe.
My point is, if we don't stop viruses and Trojans from spreading then Uncle
Sam will try and we do not want that to happen considering the mess we have
with this child safety act. I wonder at times if they don't create these
problems so they have an excuse to try to control the net! The news I saw
and read leaned heavily towards government offices and military bases being
affected. :(
Rick < == paranoid!
