Sysadmin Notifications
Roger Jochem
roger at RUDNICK.COM.BR
Wed Apr 7 14:26:38 IST 2004
It worked
I'm using the following rule in the notice administration now:
From: 192.168. yes
Virus: sobig no
Virus: dumaru no
Virus: mimail no
Virus: gibe no
Virus: mydoom no
Virus: netsky no
Virus: bagle no
Virus: cidra no
Virus: default yes
This notices me of every viruses coming from an internal machine on my
network, and notices me of external viruses if these viruses are not sobig,
dumaru, mimail, gibe, mydoom, netsky, bagle and cidra.
Hope this could be usefull for more people on the list...
Regards
Roger
----- Original Message -----
From: "Hirsh, Joshua" <joshua.hirsh at PARTNERSOLUTIONS.CA>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Wednesday, April 07, 2004 10:14 AM
Subject: Re: Sysadmin Notifications
> > And if this netsky or any other viruses came out from an internal IP
> > address? This woud be important to me to know, independent of
> > the virus
> > kind...
>
>
> The rulesets support simple AND functions. I'm not sure if this one in
> particular supports IP's as well as the virus names. Play around with it
and
> give it a shot.
>
> Maybe something like this?
>
> Virus: sobig and From: domain.com yes
> Virus: sobig no
>
> I haven't tested it, so it might not work... but if it does, great! ;-)
>
>
> -Joshua
More information about the MailScanner
mailing list