[GTER] Dica: Postfix - body_checks - virus Mydoom at MM
Julio Cesar Covolato
julio at psi.com.br
Tue Jan 27 19:48:40 -02 2004
Depois de analizar os anexos de alguns virus, percebi que é
possível bloqueá-los via body_checks antes de serem scaneados pelo
antivirus, salvando recursos preciosos da cpu no servidor de email.
Adicione no body_checks:
/^RSLxwtYBDB6FCv8ybBcS0zp9VU5of3K4BXuwyehTM0RI9IrSjVuwP94xfn0wgOjouKWzGXHVk3qg$/
REJECT VIRUS(sobig.f)
/^ZGUuDQ0KJAAAAAAAAAB\+i6hSOurGATrqxgE66sYBQfbKATvqxgG59sgBLerGAdL1zAEA6sYBWPXV$/
REJECT VIRUS (W32/Swen at MM)
/AAAAAAAAyAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4g/
REJECT VIRUS (W32/Bagle at MM)
/^(UEsDBAoAAAAAA|ApIAUCZKAEAD\/bJpmiwQBPQl6AEAS85pmm7ZH8gqwAO4sKimaZqmoJiQiICapmmaeHBoYFhQzWCf)/
REJECT VIRUS (W32/Mydoom at MM)
Abraços,
-----------------------------
_ Julio Cesar Covolato
0v0 <julio at psi.com.br>
/(_)\ F: 55-11-3129-3366
^ ^ PSI INTERNET
-----------------------------
More information about the gter
mailing list