Admin email

[Julian Field]

At 07:10 05/08/2003, you wrote:
>Will the following work?
>
>deny    message.zip$            "mimaila" virus         "mimaila" virus

I would replace . with \. as you really mean "the character dot" and not
"any single character".


>Make sure each part is separated with tabs.
>
>Stephen
>
>On Mon, 2003-08-04 at 20:30, Max Kipness wrote:
> > What about a file rule for message.zip? Has anybody tried that?
> > Everytime I try one of these I end up with a syntax error in the logs.
> >
> > I will look for the Sophos update and the version of MailScanner based
> > on another reply to this.
> >
> > Thanks,
> > Max
> >
> > > -----Original Message-----
> > > From: Steve Thomas [mailto:lists at STHOMAS.NET]
> > > Sent: Monday, August 04, 2003 10:23 PM
> > > To: MAILSCANNER at JISCMAIL.AC.UK
> > > Subject: Re: Admin email
> > >
> > >
> > > On Mon, Aug 04, 2003 at 09:31:21PM -0500, Max Kipness is
> > > rumored to have said:
> > > >
> > > > My company hosts quite a few domains, and last Friday we started
> > > > getting emails admin at ourdomains.com with an attachment:
> > > message.zip.
> > > > The attached seems to make it through Fprot and Sophos ok, and I
> > > > haven't even bother to open it and see what it is. My question is
> > > > whether I could add a rule in spam.blacklist.rules like:
> > >
> > > Sophos should be picking it up - it's the latest and greatest
> > > virus and it's spreading pretty quick - make sure you've got
> > > sophos updated and email all your users (or just the ones
> > > that received it) and tell them not to open it.
> > >
> > >
> > > --
> > > "Plato was a bore."
> > > - Friedrich Nietzsche (1844-1900)
> > >

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support