Alfa Romeo/Alfa Romeo Digest Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [alfa] are you guys getting an email saying that it is a virus?
On Mon, 8 Sep 2003 04:26:18 EDT MRAXLROZE@domain.elided wrote:
> im wondering if its a problem with the digest...if other people are
> getting
> this mail then it is a virus being sent around thru the alfa digest be
> careful
> guys..and dont download any files
there are no viruses passing through the digest.
the digest server has two stages of protection at the present time
1) all email to the server with dodgy extensions is rejected outright
at SMTP time. the list of rejected extensions is right out of the M$
recommendations. from the server's exim configuration file:
# Unpack MIME containers and reject file extensions
# used by worms. Note that the extension list may be
# incomplete.
deny message = $found_extension files are not accepted here
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:exe:hlp:hta \
inf:ins:isp:js:jse:lnk:mdb:mde:msc:msi:msp:mst:pcd:pif \
reg:scr:sct:shs:shb:url:vb:vbe:vbs:wsc:wsf:wsh
2) all email to the digest is then passed through a perl script named
"demime" (not the same demime as in the exim config) which strips all
surviving attachments as well as html text (converting html to plain
text where necessary) before sending it on to readers.
if you are getting a virus that looks like a digest, there is some other
vector at work. most newer viruses forge From: addresses, this is probably
what you're seeing.
richard
--
Richard Welty rwelty@domain.elided
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
--
to be removed from alfa, see /bin/digest-subs.cgi
or email "unsubscribe alfa" to majordomo@domain.elided
Home |
Archive |
Main Index |
Thread Index