Re: It's not my list but ... (AV Bots)
At 03:44 PM 4/24/01, Frank Tegtmeyer wrote: >Todd Finney <[EMAIL PROTECTED]> writes: > > > On an ezmlm list, stripping MIME attachments is as simple as ... > >To be exact: that's only possible with ezmlm-idx. Yes, my bad. Todd
Re: It's not my list but ... (AV Bots)
Todd Finney <[EMAIL PROTECTED]> writes: > On an ezmlm list, stripping MIME attachments is as simple as ... To be exact: that's only possible with ezmlm-idx. Regards, Frank
Re: It's not my list but ... (AV Bots)
On Tue, Apr 24, 2001 at 11:51:02AM -0600, Andy Bradford <[EMAIL PROTECTED]> wrote: > On Tue, 24 Apr 2001 08:35:10 CDT, Bruno Wolff III wrote: > > > It isn't my list, but if it was I would add the IP addresses of any servers > > that sent a virus warning to my list into my tcp rules block list. > > Unfortunately that won't work. The email is sent to a list exploder > and never directly delivered to your mail server. So, this would only > be useful on the list server. :-) That is what I was suggesting. DJB can see what server sent the virus warning messages to the list and block further messages of any kind from being injected from that server. I don't agree that blocking the server is unacceptable because it punishes people forced to use that server. For one thing, people may be using a different server to send mail to the list than the server sending the virus warnings. I don't know that blocking attachments on this list is a great idea. It may be reasonable to send small examples to the list as attachments rather than asking people to go to a web site to see them. Also, not including attachments isn't a guarenty that some virus scanner won't like the subject of your message or find some other reason to send a message to the sender and all recipients of a message.
Re: It's not my list but ... (AV Bots)
On Tue, 24 Apr 2001 08:35:10 CDT, Bruno Wolff III wrote: > It isn't my list, but if it was I would add the IP addresses of any servers > that sent a virus warning to my list into my tcp rules block list. Unfortunately that won't work. The email is sent to a list exploder and never directly delivered to your mail server. So, this would only be useful on the list server. :-) Andy
Re: It's not my list but ... (AV Bots)
At 09:54 AM 4/24/01, Brett Randall wrote:
>Or simply strip the attachments to any messages... That'd be my ideal
>choice. Keep the list relatively text-only (HTML to some degree), have
>no virii problems and keep total bandwidth usage down. Overheads are
>obvious, but at least for each e-mail to the list, the attachment
>would just have to be stripped when it arrived (a relatively simple
>Perl script could do it, or a compiled C program if you're after
>efficiency).
On an ezmlm list, stripping MIME attachments is as simple as saying
'Hey, don't let any MIME attachments through'. Stripping uuencoded
attachments is equally simple - you just add
|/usr/bin/uudecode -o /dev/stdout >/dev/null 2>&1 && { echo
"Attachments Prohibi
ted"; exit 100; }; exit 0
to DIR/editor.
I'm not sure what kind of overhead this generates, but we host several
lists that all have volumes equal to or greater than this list, and
I've never noticed a problem.
Setting a maximum message size helps also. That's probably not a good
idea on a tech list, though, as messages including debugging
information can be rather long sometimes.
The real answer, of course, is "lose Outlook, and stop double-clicking
things", but I suppose we're ignoring that for the purposes of this
discussion.
Todd
Re: It's not my list but ... (AV Bots)
Robin S. Socha([EMAIL PROTECTED])@2001.04.24 09:59:25 +: > we have a clear case of MCSE, but that's no reason to punish the users > of that server. MCSE = management can't send email (?) ;-) > > Again: the problem is on the server side (i.e. "administrators" running > Exchange on Win2k or whatever the the lates hype is) here, not on the > users'. yup, but software that sends mail on it's own behalf to arbitrary adresses is considered broken and therefor has to be removed. ah, yes, there actually is an application for actually using exchange (imho the only one): X.400 based messaging services for legacy backend networks. /k -- > The idea that Bill Gates has appeared like a knight in shining armour > to lead all customers out of a mire of technological chaos neatly ignores > the fact that it was he who, by peddling second-rate technology, led them > into it in the first place. -- Douglas Adams in Guardian, August 25, 1995 KR433/KR11-RIPE -- http://www.webmonster.de -- ftp://ftp.webmonster.de [Key] [KeyID---] [Created-] [Fingerprint-] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
Re: It's not my list but ... (AV Bots)
* Bruno Wolff III <[EMAIL PROTECTED]> [010424 09:31]: > It isn't my list, but if it was I would add the IP addresses of any servers > that sent a virus warning to my list into my tcp rules block list. Well, this one "feature" in Windows has created more traffic than qmail over the last 24h. Anyway, your suggestion is wrong. If the admin of a central mailserver is a) stupid enough to run Windows b) stupid enough to use a virus scanner c) stupid enough to run a misconfigured mail notificication we have a clear case of MCSE, but that's no reason to punish the users of that server. Again: the problem is on the server side (i.e. "administrators" running Exchange on Win2k or whatever the the lates hype is) here, not on the users'. -- Robin S. Socha http://my.gnus.org/ - To boldly frobnicate what no newbie has grokked before.
Re: It's not my list but ... (AV Bots)
> "Bruno" == Bruno Wolff <[EMAIL PROTECTED]> writes: > It isn't my list, but if it was I would add the IP addresses of any servers > that sent a virus warning to my list into my tcp rules block list. Or simply strip the attachments to any messages... That'd be my ideal choice. Keep the list relatively text-only (HTML to some degree), have no virii problems and keep total bandwidth usage down. Overheads are obvious, but at least for each e-mail to the list, the attachment would just have to be stripped when it arrived (a relatively simple Perl script could do it, or a compiled C program if you're after efficiency). I think this overhead is minor compared to the headache of virii warnings over the last couple of days (thank God for Gnus scoring :) -- ^X^C q quit :q ^C end x exit ZZ ^D ^Z ^K^B ? help
It's not my list but ... (AV Bots)
It isn't my list, but if it was I would add the IP addresses of any servers that sent a virus warning to my list into my tcp rules block list.
