Virus: MyDoom

Matts on 2004-01-27T08:12:23

This new big one is called "MyDoom". I've had over 2000 copies so far (though a lot appear to be corrupt). I think this might be a new record setter.


Stupid Antivirus Email

merlyn on 2004-01-27T15:40:58

After 8 hours, I'm getting back to about half the rate I got during the initial deployment, meaning about 500 virus attacks an hour.

But the biggest problem is not that. It's the stupid antivirus email to tell me that I am infected! I am not! This was a joe-job.

And the worst part is that I can develop a procmailrc filter for the virus mail, but not for the antivirus email.

If you are reading this and work for a company like Norton or Symantec, please tell someone how bad this is for all of us.

Re:Stupid Antivirus Email

jhi on 2004-01-28T17:42:34

> And the worst part is that I can develop a procmailrc filter for the virus mail, but not for the antivirus email.

I grew desperate during the last outbreak... the below worked pretty well. Remove spurious linebreaks as necessary. This was of course last year, when I still cared about having messages falsely flagged as crap-- now I would store them all safely into /dev/null.

:0
* ^Subject: .*(automated response|(failure|mail) (delivery|noti|system)|delivery (fail|noti|problem|report|stat|unsucc|warning)|(no|u)ndeliver|returned|unable to (deliver|process)|Sua mensagem)
JUNK/daemon

:0
* ^Subject: .*([vw]irus|v[ií]rus|V[IÍ]RUS|v[ _]i.r.u.s|anti(gen|vir)|agresearch|emanager|esafe|epolicy|groupshield|interscan| mail(marshal|monitor|scan|.?sweep)|mdaemon|mimedefang|[ns]av |network associates|norton|scanmail|securemail|securityserver|symantec|worldsecure|((banned|blocked|dangerous|denied|disallowed|executable|forbidden|hostile|illegal|infected|invalid|prohibited|suspicious|unsafe|unsolicited) (attachment|content|delivery|e?.?mail|executable|file(name|.?type)?|message))|spam|(attachment|courrier|content|e?.?mail|executable|file(name|.?type)?|message).*(re(fu|je)|block|delivery|isolat|quarant|remov|strip|violation)|blocked:)
JUNK/virus
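
Added example, not part of jhi's post: a Python harness that runs the two Subject conditions above (wrap-induced spaces removed) over constructed headers, showing which folder each lands in, which legitimate subject is misfiled, and what a single leftover wrapped space does. Python's `re` with `re.I` stands in for procmail's case-insensitive, unanchored matching; `classify`, `misfiled` and the sample headers are hypothetical.

```python
import re

# jhi's two Subject conditions with the wrap-induced spaces removed. procmail
# conditions are case-insensitive and unanchored, hence re.I and search().
DAEMON = re.compile(
    r"^Subject: .*(automated response|(failure|mail) (delivery|noti|system)"
    r"|delivery (fail|noti|problem|report|stat|unsucc|warning)|(no|u)ndeliver"
    r"|returned|unable to (deliver|process)|Sua mensagem)", re.I)
ADJ = ("banned|blocked|dangerous|denied|disallowed|executable|forbidden|hostile"
       "|illegal|infected|invalid|prohibited|suspicious|unsafe|unsolicited")
OBJ = r"e?.?mail|executable|file(name|.?type)?|message"
VIRUS_SRC = (
    r"^Subject: .*([vw]irus|v[ií]rus|V[IÍ]RUS|v[ _]i.r.u.s|anti(gen|vir)"
    r"|agresearch|emanager|esafe|epolicy|groupshield|interscan"
    r"| mail(marshal|monitor|scan|.?sweep)|mdaemon|mimedefang|[ns]av "
    r"|network associates|norton|scanmail|securemail|securityserver|symantec"
    r"|worldsecure|((" + ADJ + r") (attachment|content|delivery|" + OBJ + r"))"
    r"|spam|(attachment|courrier|content|" + OBJ + r").*(re(fu|je)|block"
    r"|delivery|isolat|quarant|remov|strip|violation)|blocked:)")
VIRUS = re.compile(VIRUS_SRC, re.I)
# Same pattern with one of the wrapped spaces left in ("bann ed").
VIRUS_WRAPPED = re.compile(VIRUS_SRC.replace("banned", "bann ed"), re.I)

def classify(header, virus=VIRUS):
    """Return the folder chosen when the recipes are tried in order."""
    if DAEMON.search(header):
        return "JUNK/daemon"
    return "JUNK/virus" if virus.search(header) else "inbox"

# Constructed sample headers: (header line, True if it is legitimate mail).
SAMPLES = [
    ("Subject: Mail Delivery System", False),
    ("Subject: Norton AntiVirus detected a virus in a message you sent", False),
    ("Subject: BANNED attachment (hello.zip) in your message", False),
    ("Subject: Re: I returned the library books", True),
    ("Subject: Lunch on Friday?", True),
]

def misfiled(samples, virus=VIRUS):
    """Headers whose folder disagrees with the label (false positives and misses)."""
    return [h for h, legit in samples if legit != (classify(h, virus) == "inbox")]

if __name__ == "__main__":
    for header, _ in SAMPLES:
        print(f"{classify(header):12} {header}")
    print("misfiled:", misfiled(SAMPLES))
    print("misfiled, wrapped pattern:", misfiled(SAMPLES, VIRUS_WRAPPED))
```

Replacing `SAMPLES` with labelled Subject lines from a saved mailbox gives a false-positive count before any recipe is pointed at /dev/null.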