Virus Names Daily Report Script
Erik Jakobsen
eja at URBAKKEN.DK
Sat Oct 18 10:18:15 IST 2003
Corey S. McFadden wrote:
> Erik,
>
> I don't run postfix, so I'm not sure. It basically looks for maillog
> entries like this:
>
> Oct 15 11:26:39 san-anton1 MailScanner[1669]:
> /h9FGQXC03384/azxhnnjw.exe Found the W32/Swen at MM virus !!!
>
> So, if that's what you've got this will work...
Ok Corey. I'll look for that here. Thanks for your reply.
> -Corey
>
Erik.
> At 10:54 AM 10/18/2003 +0200, you wrote:
>
>> Will it work using postfix ?.
>>
>> Corey S. McFadden wrote:
>>
>>>
>>> Someone had asked me to post this script a couple days ago but I didn't
>>> get an opportunity to do so until now and don't have the original
>>> message to reply to, so sorry for spamming the whole list.
>>>
>>> Anyhow, we run this script daily to generate a report on all the viruses
>>> filtered by MailScanner and McAfee. I don't know what the maillog
>>> output looks like for other virus scanners, but if it's substantially
>>> different, modification will be necessary.
>>>
>>> http://web.csma.biz/apps/vnames.shtml
>>>
>>> The output is HTML-formatted with bullets and looks like this:
>>>
>>> Subject: E-Mail Viruses (Fri) - hostname
>>>
>>> Viruses found by MailScanner & McAfee today:
>>>
>>> * W32/Klez.h at MM.....2 times.
>>> * W32/Lovelorn.dr.....16 times.
>>> * W32/Lovelorn at MM.....10 times.
>>> * W32/Swen at MM.....12 times.
>>>
>>> A total of 40 viruses were found and filtered.
>>>
>>>
>>>
>>>
>>> If anyone finds this useful and wants to modify it to support another
>>> virus scanner, feel free. Please e-mail me any changes though and I'll
>>> link them on that page.
>>>
>>> Best wishes,
>>> -Corey
>>>
>>>
>>> --
>>> Corey S. McFadden & Associates,
>>> Technology Consultants
>>> direct - +1.610.972.4347
>>> c at csma.biz - www.csma.biz
>>> <http://www.csma.biz/>
>>> ********************************************
>>> This message has been scanned for viruses and
>>> dangerous content.
>>
>>
>>
>> --
>>
>> /Erik
>>
>> *********************************************
>> This message has been scanned for viruses and
>> dangerous content, and is believed to be clean.
>
>
> --
> Corey S. McFadden & Associates,
> Technology Consultants
> direct - +1.610.972.4347
> c at csma.biz - www.csma.biz
>
>
> *********************************************
> This message has been scanned for viruses and
> dangerous content, and is believed to be clean.
>
>
--
/Erik
More information about the MailScanner
mailing list