email attack
Roger Oberholtzer
roger
Mon May 17 11:53:58 PDT 2004
On Mon, 2003-09-22 at 19:39, Jason Joines wrote:
> Chris Kassopulo wrote:
> > Greetings,
> >
> > For the last two days I've gotten 100's of emails containing exe files.
> > Bogus microsoft updates and patches. Each piece is around 150k which
> > makes for a long download on dialup. Are there any filters that can
> > delete emails at the server that have an exe attached.
> >
> > I can put up with a little spam, but this is out of control.
> >
> > TIA
> >
> > Chris
>
>
> I had this same problem, then checked the procmail mailing list
> (nntp://news.gmane.org/gmane.mail.procmail) to see if anyone had a good
> recipe for it.
> I created a mail folder called null that is just a symbolic link to
> /dev/null and used this recipe that works great.
>
> # swen
> :0 B:
> *
> ^ZGUuDQ0KJAAAAAAAAAB\+i6hSOurGATrqxgE66sYBQfbKATvqxgG59sgBLerGAdL1zAEA6sYBWPXV
> null
I have set up procmail to move my incoming mail into a courier imap
directory. At that time, I tried a simple (I thought) filter to move a
few messages around. All went south very fast. So, given this complete
procmail script that currently moves mail into my imap directory, what
horror would I unleash if I added the above statements just above this
rule (the only rule) in the file?
:0:
./
I am an adventurous type of guy. I just did not like when my e-mail went
away when I did what I thought was a simple filter.
BTW, how did you come up with this rule? I do not see these numbers in
the headers of the swen files I am getting. Of course, that would be too
simple...
Roger Oberholtzer roger.oberholtzer at surbrunn.net
Stockholm, Sweden http://www.surbrunn.net
More information about the Linux-users
mailing list