Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

on Fri, Jan 30, 2004 at 08:04:24AM -0500, James Morris (jmorris <at> redhat.com) wrote:
> Does anyone have a good one?

Related topic.  Link is a list of postfix reject rules for AV spam
headers.  The anti-antivirus.

    http://www.t29.dk/antiantivirus.txt

Peace.

--

-- 
Karsten M. Self <kmself <at> ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   The golden rule of technical design:  complexity is the enemy.

_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Re: Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

On Sun, Feb 01, 2004 at 10:19:05PM -0800, Karsten M. Self wrote:

> on Fri, Jan 30, 2004 at 08:04:24AM -0500, James Morris (jmorris <at> redhat.com) wrote:
> > Does anyone have a good one?
> 
> Related topic.  Link is a list of postfix reject rules for AV spam
> headers.  The anti-antivirus.
> 
>     http://www.t29.dk/antiantivirus.txt

That's nice but generating an automatic message in respond to an
automatic message doesn't help the problem.

sed 's/REJECT.*/DISCARD/'

Tim.
_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Re: Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

on Mon, Feb 02, 2004 at 05:27:35PM +1100, Tim Potter (tpot <at> samba.org) wrote:
> On Sun, Feb 01, 2004 at 10:19:05PM -0800, Karsten M. Self wrote:
> 
> > on Fri, Jan 30, 2004 at 08:04:24AM -0500, James Morris (jmorris <at> redhat.com) wrote:
> > > Does anyone have a good one?
> > 
> > Related topic.  Link is a list of postfix reject rules for AV spam
> > headers.  The anti-antivirus.
> > 
> >     http://www.t29.dk/antiantivirus.txt
> 
> That's nice but generating an automatic message in respond to an
> automatic message doesn't help the problem.
> 
> sed 's/REJECT.*/DISCARD/'

obIdon'tRunPostfix.

Is that a reject _mail_ or a 5XX reject _message_?

If the latter:  it spreads clue.   Whether the clue sticks is another
matter.

Peace.

--

-- 
Karsten M. Self <kmself <at> ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Rules of Spam:  #3:  Spammers are stupid.

Re: Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

<quote who="Karsten M. Self">

> Is that a reject _mail_ or a 5XX reject _message_?
> 
> If the latter:  it spreads clue.   Whether the clue sticks is another
> matter.

It also adds to the global bounce-to-forged-addresses fuckage, and makes
baby Jesus cry. I don't need any more clue from clueless drones who bounce
viral and wormal mail.

- Jeff

--

-- 
GVADEC 2004: Kristiansand, Norway                    http://2004.guadec.org/

  If Perl is gaffer, and Python is Magic Tape, then Ruby is self-adhesive
                                plate gold.
_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Re: Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

on Mon, Feb 02, 2004 at 08:13:12PM +1100, Jeff Waugh (jdub <at> perkypants.org) wrote:
> <quote who="Karsten M. Self">
> 
> > Is that a reject _mail_ or a 5XX reject _message_?
> > 
> > If the latter:  it spreads clue.   Whether the clue sticks is another
> > matter.
> 
> It also adds to the global bounce-to-forged-addresses fuckage, and makes
> baby Jesus cry. I don't need any more clue from clueless drones who bounce
> viral and wormal mail.

Noted.

The useful information is probably the patterns which can be used in
filters to either delete or reject the mail.

Peace.

--

-- 
Karsten M. Self <kmself <at> ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
  And what do I get?  A one-way ticket to Palookaville"
  - M. Brando

_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Nautilus usage report

My file manager is bash.  But every once in a while, I like to remind
myself why that's the case....

I'd downloaded a set of zip archives, and remembered that there are
a number of utilities which provide virtual filesystem access to a
number of package / archive formats, including tarballs, ZIP archives,
DEBs, RPMs, and the like.

Note that I typically use WindowMaker as my desktop, and that this was
the case here and now.

MC popped straight into the zip archives, but wouldn't open the enclosed
PDFs, direct viewing of binary file formats not being sufficient for my
needss (though pdf2text might have been neat).

I played with XFCE4's file mangler and found it wouldn't open the ZIP
file.  OK, let's try Nautilus....

Oh dear.  12 MiB download over dialup...

...unless it happens to be cached already by apt-proxy.  Install took a
minute or so.

Fire up Nautilus.

  Bad:  Long time no see.  30-45 seconds to fire up, if not longer.
    See Jakob Nielsen's ten second rule.

  Good:  On second startup, it launches in about 15 seconds.  Still
    fails the ten second rule, but it's within spitting distance.  1.7

Re: Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

> It also adds to the global bounce-to-forged-addresses fuckage, and makes
> baby Jesus cry. I don't need any more clue from clueless drones who
> bounce viral and wormal mail.

I don't like making baby Jesus cry.  My AV scanner rejects the virused mail 
on incoming SMTP instead of bouncing it.

Too bad Rav got bought out my MS.  I have been hearing very good things 
about CLAMAV but I am leery of configuring my mail system around something 
that requires fast updates and damn near perpetual monitoring (i.e. 
up-to-date virus signatures) but has no revenue stream to keep those doing 
it interested.

And yes, I do realize how ironic that is, considering all my servers run 
free/open-source software.  Am I wrong in feeling that virus scanning 
doesn't quite fit in to that philosophy?

Regards,
Andrew
_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Re: Postfix anti-antivirus (was Re: procmail recipe for mydoom?)

<quote who="Andrew">

> > It also adds to the global bounce-to-forged-addresses fuckage, and makes
> > baby Jesus cry. I don't need any more clue from clueless drones who
> > bounce viral and wormal mail.
> 
> I don't like making baby Jesus cry.  My AV scanner rejects the virused
> mail on incoming SMTP instead of bouncing it.

Reject *means* bounce (when a real MTA is the client).

> And yes, I do realize how ironic that is, considering all my servers run 
> free/open-source software.  Am I wrong in feeling that virus scanning 
> doesn't quite fit in to that philosophy?

It seems so; Clam has been quicker than some of the proprietaries in recent
times.

- Jeff

--

-- 
GVADEC 2004: Kristiansand, Norway                    http://2004.guadec.org/

  If Perl is gaffer, and Python is Magic Tape, then Ruby is self-adhesive
                                plate gold.
_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Re: Nautilus usage report

On Mon, 2004-02-02 at 04:17 -0800, Karsten M. Self wrote:
>   Bad:  won't open the ZIP archives.  OK, maybe it doesn't support the
>     format.
>   Bad:  won't open a tar.gz archive.

apt-get install file-roller

--

-- 
The most difficult thing in the world is to know how to do a thing and
to watch someone else doing it wrong, without commenting.
				 -- T.H. White

_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists

Re: Nautilus usage report

Tom Duffy <tomduffy <at> dslextreme.com> writes:

> On Mon, 2004-02-02 at 04:17 -0800, Karsten M. Self wrote:
>>   Bad:  won't open the ZIP archives.  OK, maybe it doesn't support the
>>     format.
>>   Bad:  won't open a tar.gz archive.
>
> apt-get install file-roller

apt-get install procmail

_______________________________________________
linux-elitists 
http://zgp.org/mailman/listinfo/linux-elitists