March 23, 2004

Whitelists

I implemented basic whitelists yesterday morning, as I was getting fed up with the flood of W32/Netsky.p@MM, W32/Bagle.n@MM, W32/Bagle.p@MM emails pounding my inbox.

Since then, 289 emails (that's a slow day) have dropped into the "I probably don't want to read this" mail folder, along with a couple of false positives I've since added to my address-book. I'm still getting a couple of virus mails reaching my main inbox as they appear to come from people in my address-book, but I think I can solve that by discarding unsigned emails from those people.

I don't quite understand how there can be Windows users out there without virus checkers installed at this point.

Posted by savs at March 23, 2004 8:35 AM
Comments

I use a simple procmail rule to trash all mail with executable attachments:

:0B:
* ^Content-(|Type|Disposition):
* name=.*\.(bat|com|exe|lnk|pif|vbs|vbe|wsh|dll|scr)(")?(\ *|\t*)?$
.spam/

I still receive viruses-in-a-zip, but this rule filters most of the junk, even (falsely) sent by people I know.

Posted by: Sylvain Wallez at March 23, 2004 9:13 AM
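
An added example (not the author's or the commenter's code) that combines the whitelist from the post with the extension list from the procmail rule above, using Python's standard email module. The attachment check runs before the whitelist because the virus mail described in the post arrives with address-book senders in From:. The names triage and WHITELIST and the sample message are constructed for illustration.

```python
import os
from email import message_from_string
from email.utils import parseaddr

# Extensions copied from the procmail rule in the comment above.
BLOCKED = {"bat", "com", "exe", "lnk", "pif", "vbs", "vbe", "wsh", "dll", "scr"}

def executable_attachments(msg):
    """Return the filenames of MIME parts that end in a blocked extension."""
    hits = []
    for part in msg.walk():
        # get_filename() reads Content-Disposition filename=, falling back
        # to Content-Type name=.
        name = part.get_filename()
        if name and os.path.splitext(name)[1].lstrip(".").lower() in BLOCKED:
            hits.append(name)
    return hits

def triage(raw, whitelist):
    """Classify one raw message as 'spam', 'inbox' or 'unknown'."""
    msg = message_from_string(raw)
    # Attachment check first: a forged From: must not bypass it.
    if executable_attachments(msg):
        return "spam"
    sender = parseaddr(msg.get("From", ""))[1].lower()
    return "inbox" if sender in whitelist else "unknown"

# Constructed sample: whitelisted sender address, executable attachment.
FORGED = """\
From: Friend <friend@example.org>
To: me@example.org
Subject: Re: your document
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

see attachment
--b1
Content-Type: application/octet-stream; name="Document.PIF"
Content-Disposition: attachment; filename="Document.PIF"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

WHITELIST = {"friend@example.org"}  # hypothetical address book

if __name__ == "__main__":
    print(triage(FORGED, WHITELIST))
```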

Are you using procmail on the Mac? What I'd really like is something similar to your suggestion, running on the server ...

Posted by: Andrew Savory at March 23, 2004 9:35 AM

That's what I do: procmail does run on the server.

Posted by: Sylvain Wallez at March 23, 2004 12:56 PM