| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <002701c367cf$328760d0$0300a8c0@bzdrnja> From: Bojan.Zdrnja at LSS.hr (Bojan Zdrnja) Subject: Re: Filtering sobig with postfix > -----Original Message----- > From: Craig Pratt [mailto:craig@...ong-box.net] > Sent: Thursday, 21 August 2003 5:52 p.m. > To: Bojan.Zdrnja@....hr > Cc: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] Re: Filtering sobig with postfix > > You'd better check for a lot more than just .pif files. .scr and .exe > files are critical as well. Of course, the list is much longer, but original question was about stopping Sobig-F, which sends itself only as a .pif file. > If you want to really filter stuff, look at something like MailScanner > (http://www.mailscanner.info) which has file-type/mime-type > checking as > just the first line of defense. The power and configurability of this > system is amazing. It works with postfix and sendmail, and lots of > virus scanners - if you choose to integrate one. For combination with postfix, I'd suggest amavisd-new. It has very good performance, includes spamassassin for spam filtering and works really nice. Regards, Bojan Zdrnja
Powered by blists - more mailing lists