Full Disclosure mailing list archives
Re: Re: Filtering sobig with postfix
From: Irwan Hadi <irwanhadi () phxby com>
Date: Thu, 21 Aug 2003 16:37:26 -0600
On Fri, Aug 22, 2003 at 08:43:45AM +1200, Bojan Zdrnja wrote:
/filename=.*(your_details|your_document|document_all).pif/ REJECT You might want to reject all .pif files, and also: /(Virus found|VIRUS ALERT)/ DISCARD To discard all those messages originating from improperly configured MTA's, which were able to detect Sobig-F, but which still send notification to faked from: address. After you edit that file just issue: # /usr/sbin/postmap /etc/postfix/header_checks
you don't need to postmap the header checks file, because you are using regexp. You *only* need to postmap it, if you use hash:, dbm: or btree: _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AW: Re: Filtering sobig with postfix vogt (Aug 20)
- Re: Re: Filtering sobig with postfix martin f krafft (Aug 20)
- Re: Re: Filtering sobig with postfix gregh (Aug 20)
- <Possible follow-ups>
- AW: Re: Filtering sobig with postfix vogt (Aug 20)
- Re: Re: Filtering sobig with postfix martin f krafft (Aug 20)
- Re: Re: Filtering sobig with postfix martin f krafft (Aug 20)
- AW: Re: Filtering sobig with postfix vogt (Aug 21)
- RE: Re: Filtering sobig with postfix Bojan Zdrnja (Aug 21)
- Re: Re: Filtering sobig with postfix Irwan Hadi (Aug 21)
- RE: Re: Filtering sobig with postfix Bojan Zdrnja (Aug 21)
- RE: Re: Filtering sobig with postfix Bojan Zdrnja (Aug 21)
- Re: Re: Filtering sobig with postfix Robert Banniza (Aug 23)
- Re: Re: Filtering sobig with postfix Andrew J Caines (Aug 23)