Bug 32525

Summary: freebsd-questions should filter out known viruses
Product: Base System Reporter: Christopher Farley <chris>
Component: miscAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.4-STABLE   
Hardware: Any   
OS: Any   

Description Christopher Farley 2001-12-04 23:30:00 UTC 
   Lately, freebsd-questions has been receiving (and resending) a large
   number of email viruses, from the Sircam worm to the latest goner
   virus.

Fix: 

Implement Postfix body_checks on the mail server hosting 
   freebsd-questions to filter out attachments containing problematic
   extensions. My server's rules are pretty aggressive, but in 
   several weeks of filtering all my mail (including freebsd-questions),
   I have not rejected a valid email. A more conservative ruleset could
   be adopted, but here's what I use:

   # Filter out Sircam
   /^Hi! How are you=3F$/          REJECT
   /^Hola como estas =3F$/         REJECT

   # Reject attachments containing problematic extensions
   /(filename|name)=".*\.(asd|chm|dll|hlp|hta|js|ocx|pif)"/ REJECT
   /(filename|name)=".*\.(scr|shb|shs|vb|vbe|vbs|wsf|wsh)"/ REJECT

   # Reject known viruses
   /(filename|name)="(Happy99|Navidad|prettypark)\.exe"/ REJECT
How-To-Repeat:    Subscribe to freebsd-quesitons and count the email viruses!
Comment 1 Sheldon Hearn freebsd_committer freebsd_triage 2001-12-05 07:18:58 UTC 
State Changed
From-To: open->closed

Please take this up with the Postmaster <postmaster@FreeBSD.org>. 

The FreeBSD PR database is for problem reports relating to the 
FreeBSD operating system and ports tree. 

If someone told you to file a PR for this, please let us know who 
it was. :-)