North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
here are some postfix patterns i found useful today
what you do is, install postfix 2.0 or later, set header_checks to some filename (in your main.cf), and in that file, you put the following: /^Subject: Anti-Virus Notification/ REJECT av01 /^Subject: BANNED FILENAME/ REJECT av02 /^Subject: File blocked - ScanMail for Lotus/ REJECT av03 /^Subject: InterScan NT Alert/ REJECT av04 /^Subject: Message deleted/ REJECT av05 /^Subject: NAV detected a virus)/ REJECT av06 /^Subject: Norton AntiVirus detected/ REJECT av07 /^Subject: RAV AntiVirus scan/ REJECT av08 /^Subject: Symantec AntiVirus/ REJECT av09 /^Subject: VIRUS (.*) IN MAIL FROM YOU/ REJECT av10 /^Subject: VIRUS IN YOUR MAIL/ REJECT av11 /^Subject: Virus Detected by Network Assoc/ REJECT av12 /^Subject: Virus Notification:/ REJECT av13 /^Subject: Virus found in a message you sent/ REJECT av14 /^Subject: Virus found in sent message/ REJECT av15 i guess this isn't something you can cut&paste into an IOS box, but it's sure saving my ass here today, so i thought i'd share. i'm getting MUCH MORE E-MAIL TRAFFIC today from antivirus adware servers than from worms. see also <http://www.attrition.org/security/rant/av-spammers.html>.