Re: W32/Mydoom@MM (was: Re: )
On Tue, 2004-01-27 at 11:50, s. keeling wrote:
> Incoming from Eduardo Almeida:
> >
> > I don't know if all of you already heard about this. This message is a
> > virus as you can see below.
>
> Pardon me if this seems a bit thick headed, but why should I care? The
> Windows world is always being attacked by crap like this. Why is this
> news?
>
> I don't use Windows. Since you're using Evolution, I assume you
> aren't either. So what's the big deal?
>
> Of course if you're using Debian as a mailserver for an internal
> Windows network, this may affect you, but what's it got to do with
> Debian?
I use Andreas Metzler's and Marc Haber's Exim4 Debian Package. I use the
Heavy Daemon with Exiscan-acl compiled in.
in the /etc/exim4/conf.d/acl/40_exim4-config_check_data
deny !senders = :
condition = ${if !def:h_Message-ID: {1}}
message = RFC2822 says you SHOULD have a Message-ID.\n\
Most messages without it are spam,\n\
so your mail has been rejected.
There now it pertains to Debian!
--
greg, [EMAIL PROTECTED]
REMEMBER ED CURRY! http://www.iwethey.org/ed_curry
signature.asc
Description: This is a digitally signed message part
Re: W32/Mydoom@MM (was: Re: )
On Tue, 2004-01-27 at 11:50, s. keeling wrote:
> Incoming from Eduardo Almeida:
> >
> > I don't know if all of you already heard about this. This message is a
> > virus as you can see below.
>
> Pardon me if this seems a bit thick headed, but why should I care? The
> Windows world is always being attacked by crap like this. Why is this
> news?
>
> I don't use Windows. Since you're using Evolution, I assume you
> aren't either. So what's the big deal?
>
> Of course if you're using Debian as a mailserver for an internal
> Windows network, this may affect you, but what's it got to do with
> Debian?
I use Andreas Metzler's and Marc Haber's Exim4 Debian Package. I use the
Heavy Daemon with Exiscan-acl compiled in.
in the /etc/exim4/conf.d/acl/40_exim4-config_check_data
deny !senders = :
condition = ${if !def:h_Message-ID: {1}}
message = RFC2822 says you SHOULD have a Message-ID.\n\
Most messages without it are spam,\n\
so your mail has been rejected.
There now it pertains to Debian!
--
greg, [EMAIL PROTECTED]
REMEMBER ED CURRY! http://www.iwethey.org/ed_curry
signature.asc
Description: This is a digitally signed message part
Re: W32/Mydoom@MM (was: Re: )
On Tue, Jan 27, 2004 at 09:50:24AM -0700, s. keeling wrote: > Pardon me if this seems a bit thick headed, but why should I care? The > Windows world is always being attacked by crap like this. Why is this > news? > > I don't use Windows. Since you're using Evolution, I assume you > aren't either. So what's the big deal? > > Of course if you're using Debian as a mailserver for an internal > Windows network, this may affect you, but what's it got to do with > Debian? Many use Debian boxes as corporate servers. Some people here will have to worry about security of their company LAN which contains Windows boxes picking up their mail from that Linux server. So yes, for some people it *does* matter. -- -- Dale Amon [EMAIL PROTECTED]+44-7802-188325 International linux systems consultancy Hardware & software system design, security and networking, systems programming and Admin "Have Laptop, Will Travel" --
Re: W32/Mydoom@MM (was: Re: )
On Tue, Jan 27, 2004 at 09:50:24AM -0700, s. keeling wrote: > Pardon me if this seems a bit thick headed, but why should I care? The > Windows world is always being attacked by crap like this. Why is this > news? > > I don't use Windows. Since you're using Evolution, I assume you > aren't either. So what's the big deal? > > Of course if you're using Debian as a mailserver for an internal > Windows network, this may affect you, but what's it got to do with > Debian? Many use Debian boxes as corporate servers. Some people here will have to worry about security of their company LAN which contains Windows boxes picking up their mail from that Linux server. So yes, for some people it *does* matter. -- -- Dale Amon [EMAIL PROTECTED]+44-7802-188325 International linux systems consultancy Hardware & software system design, security and networking, systems programming and Admin "Have Laptop, Will Travel" -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: W32/Mydoom@MM (was: Re: )
On Tuesday 27 January 2004 17:50, s. keeling wrote: > Incoming from Eduardo Almeida: > > I don't know if all of you already heard about this. This message is a > > virus as you can see below. > Pardon me if this seems a bit thick headed, but why should I care? The > Windows world is always being attacked by crap like this. Why is this > news? > I don't use Windows. Since you're using Evolution, I assume you > aren't either. So what's the big deal? > Of course if you're using Debian as a mailserver for an internal > Windows network, this may affect you, but what's it got to do with > Debian? Watch the mail logs on your internet connected mailservers and you'll see why you should care. This virus is spreading like crazy. I updated the postfix body checks to filter out specifically named zip attachments. Even though the weakness is on the windows side, I'd prefer it not to arrive at any of the clients who receive mail through our servers. And not in my kmail mailbox either even though it has doesn't do any harm -- I already spend enough time sorting out the daily spam crap. Ricardo. --
W32/Mydoom@MM (was: Re: )
Incoming from Eduardo Almeida: > > I don't know if all of you already heard about this. This message is a > virus as you can see below. Pardon me if this seems a bit thick headed, but why should I care? The Windows world is always being attacked by crap like this. Why is this news? I don't use Windows. Since you're using Evolution, I assume you aren't either. So what's the big deal? Of course if you're using Debian as a mailserver for an internal Windows network, this may affect you, but what's it got to do with Debian? -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - -
Re: W32/Mydoom@MM (was: Re: )
On Tuesday 27 January 2004 17:50, s. keeling wrote: > Incoming from Eduardo Almeida: > > I don't know if all of you already heard about this. This message is a > > virus as you can see below. > Pardon me if this seems a bit thick headed, but why should I care? The > Windows world is always being attacked by crap like this. Why is this > news? > I don't use Windows. Since you're using Evolution, I assume you > aren't either. So what's the big deal? > Of course if you're using Debian as a mailserver for an internal > Windows network, this may affect you, but what's it got to do with > Debian? Watch the mail logs on your internet connected mailservers and you'll see why you should care. This virus is spreading like crazy. I updated the postfix body checks to filter out specifically named zip attachments. Even though the weakness is on the windows side, I'd prefer it not to arrive at any of the clients who receive mail through our servers. And not in my kmail mailbox either even though it has doesn't do any harm -- I already spend enough time sorting out the daily spam crap. Ricardo. -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
W32/Mydoom@MM (was: Re: )
Incoming from Eduardo Almeida: > > I don't know if all of you already heard about this. This message is a > virus as you can see below. Pardon me if this seems a bit thick headed, but why should I care? The Windows world is always being attacked by crap like this. Why is this news? I don't use Windows. Since you're using Evolution, I assume you aren't either. So what's the big deal? Of course if you're using Debian as a mailserver for an internal Windows network, this may affect you, but what's it got to do with Debian? -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
