The author disclaims all copyrights and releases this document into the public domain.
Questions or comments about this page? Current ruminations available on my blog.
$Id: index.xml,v 1.3 2004/09/27 05:07:45 jmates Exp $
At best, viruses, worms, and similar malware flood mailboxes like spam. If vulnerable systems are involved, the results on the Internet can be much worse. The following notes should assist the configuration of the sendmail Mail Transport Agent (MTA) against various known malware.
General purpose anti-virus software is recommended in addition to other checks, as mailing lists and similar can alter static details on a virus to get by a specific test. Depending on the site, banning (by stripping) all attachments or blocking the many file extensions used by Microsoft data formats may yield good results.
To treat the problem instead of the symptoms, I strongly advise against using Microsoft products on the Internet. If such must be used, mandatory installation of anti-virus and firewall software must be required before the system is connected to the Internet. Viruses definitions should be updated at minimum daily.
Notes on specific viruses. I may add more notes as time permits.
Some viruses fake the sender information, which leads to problems when anti-virus software bounces the message to someone who did not send the virus. Either disable virus notifications and discard the message, or configure the anti-virus software to not notify on viruses that fake the sender information. In MIMEDefang, I currently quarantine and discard all malware, and use quarantine searching software to figure out how to deal with the message in question.
The amavisd-new project may contain a more up-to-date list of viruses that fake sender information.
The author disclaims all copyrights and releases this document into the public domain.
Questions or comments about this page? Current ruminations available on my blog.
$Id: index.xml,v 1.3 2004/09/27 05:07:45 jmates Exp $