Date: Mon, 29 Mar 1999 19:47:23 -0500 From: Laurence Berland <stuyman@confusion.net> To: Brett Glass <brett@lariat.org>, security@freebsd.org Subject: Re: Virus Announcements Message-ID: <37001F1B.C2B92D74@confusion.net> References: <4.2.0.32.19990329155900.00a557c0@localhost> <4.2.0.32.19990329164244.04553770@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Just read something about Melissa on ZDNet, scanning it to see if it's dumbed down enough to be read by my computer-illiterate parents. And what do I see at the bottom? That Brett Glass contributed to the article. That makes me happy. I'm glad to see that people from BSD help out windows users, as silly as they may be. Congrats Brett. Brett Glass wrote: > Sendmail's filtering is quite limited compared to that of Procmail. And > the "quick fix" posted by Sendmail, Inc. is trivial to defeat. We've > installed both, and the Procmail filters are catching lots more suspicious > traffic. > > --Brett > > At 05:24 PM 3/29/99 -0600, Igor Roshchin wrote: > >If you are talking about using FreeBSD to filter Melissa virus > >(and some similar virus), you might consider tweaking the rulesets for > >sendmail. > > > >I haven't tried installing that ruleset, > >but the CERT advisory recommended: > > > ><quote> > >III. Solutions > > > > * Block messages with the signature of this virus at your mail transfer > > agents. > > > > With Sendmail > > > > Nick Christenson of sendmail.com provided information about > > configuring sendmail to filter out messages that may contain the > > Melissa virus. This information is available from the follow URL: > > ftp://ftp.cert.org/pub/cert_advisories/Patches/CA-99-04-sendmail-m > > elissa-filter.txt > ></quote> > > > >Since sendmail is the default MTA in FreeBSD, this might be more universal > >to the general public (compared to procmail's rules/patches). > > > >IgoR > > > > > >PS. I agree that this list should contain only FreeBSD-related > >(or potentially related) issues. > >Other issues are important, but there are other lists for them - > >e.g. BUGTRAQ .. > > > >> OK, here's something FreeBSD-specific we ought to do. Let's make > >> up a FreeBSD package that installs John Hardin's e-mail sanitizing > >> filters with some sane default settings that kill the Melissa virus. > >> > >> John's filters can be found at > >> > >> ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-kit.html > >> > >> All we need to do is tweak the paths for FreeBSD, bring in > >> procmail as a dependency, and tell the user how to configure > >> Sendmail to use procmail as the local delivery agent. > >> > >> This would be something that could be touted as an advantage of > >> using FreeBSD as a mail server. > >> > >> Of course, I'll probably be told that this is a bad idea because > >> Jordan didn't think of it. > >> > >> --Brett Glass > >> > >> > >> At 01:47 PM 3/29/99 -0800, patl@phoenix.volant.org wrote: > >> >> And mind you, the two of you may sit in your own private heavens, > >> >> but many of the rest of us work in the real world. This particular > >> >> outbreak seems to warrant the original email. > >> > > >> >If by 'the real world' you mean an environment where you need to > >> >worry about virii that infect Windows, M$ Word documents, Excell > >> >spreadsheets, etc.; then you should be subscribed to one or more > >> >lists dedicated to those topics. Let's keep this list FreeBSD > >> >specific, please. > >> > > >> > > >> > > >> >-Pat > >> > > >> > > >> >To Unsubscribe: send mail to majordomo@FreeBSD.org > >> >with "unsubscribe freebsd-security" in the body of the message > >> > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-security" in the body of the message > >> > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Laurence Berland, Stuyvesant HS Debate <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> Windows 98: n. useless extension to a minor patch release for 32-bit extensions and a graphical shell for a 16-bit patch to an 8-bit operating system originally coded for a 4-bit microprocessor, written by a 2-bit company that can't stand for 1 bit of competition. http://stuy.debate.net icq #7434346 aol imer E1101 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37001F1B.C2B92D74>