Onslaught of antivirus messages

    As a user of greylisting in conjunction with Bayesian filtering and procmail, I rarely get spam. The latest virus onslaught didn't seem so bad, as a simple procmail rule sent all messages with /(hi|hello)/i subjects and /\.zip$/ attachments straight to /dev/null.

    However, I'm running into a new problem, and one that's not easily solved. I came into work this morning to discover 30 messages I'd received from various antivirus programs informing me that a message that was sent with my e-mail address in the "From" field contained a virus. My Bayesian filter has started to catch more and more of these as my Junk folder is populated with them, but many more are still getting through.

    Has anyone come up with a good solution to dealing with these? They're incredibly annoying, and false positives are frequent. It seems like at least a few times a month I have to reassure a user that their Solaris machine doesn't have the Nimda virus or whatever was detected and that the remote MTA's virus scanner is getting a false positive.

    *sigh* E-mail would be so much better without attachments...
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
    [ redacted ]
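
The discard rule described in the post above, written out in Python as an added example (not the poster's procmail recipe). It takes the two patterns literally as quoted; the function names and sample messages are constructed for illustration. The last sample shows that the unanchored subject pattern also matches inside longer words.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Patterns taken literally from the post: /(hi|hello)/i and /\.zip$/
SUBJECT_RE = re.compile(r"(hi|hello)", re.IGNORECASE)
ATTACH_RE = re.compile(r"\.zip$")


def attachment_names(msg):
    """Return the decoded filename of every MIME part that carries one."""
    return [p.get_filename() for p in msg.walk() if p.get_filename()]


def should_discard(raw):
    """True when the message matches both conditions of the rule."""
    msg = message_from_string(raw, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    if not SUBJECT_RE.search(subject):
        return False
    return any(ATTACH_RE.search(name) for name in attachment_names(msg))


def make_sample(subject, filename=None):
    """Build a constructed test message (hypothetical addresses)."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = subject
    m.set_content("see attachment\n")
    if filename:
        m.add_attachment(b"PK\x03\x04", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_string()


if __name__ == "__main__":
    samples = [
        ("Hi", "document.zip"),              # worm-style message
        ("hello", "notes.txt"),              # greeting, harmless attachment
        ("Quarterly report", "report.zip"),  # zip, unrelated subject
        ("Logs for this week", "logs.zip"),  # "this" contains "hi"
    ]
    for subject, name in samples:
        verdict = should_discard(make_sample(subject, name))
        print(f"{subject!r:24} {name:14} discard={verdict}")
```

Because the fourth sample is legitimate mail that the rule would send to /dev/null, anchoring the subject pattern or delivering matches to a quarantine folder instead keeps such messages recoverable.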