[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Bouncing Email's with Attachements W32.Sircam.Worm@mm
- Subject: Re: [cobalt-users] Bouncing Email's with Attachements W32.Sircam.Worm@mm
- From: "Edward Bishop" <eddie@xxxxxxxxxxxxxxxx>
- Date: Thu Aug 2 10:09:36 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> From: Colin J. Raven <cjraven@xxxxxxxxxxx>
> Sent: Thursday, August 02, 2001 11:15 PM
> Get all of the above done, then post a sample of your verbose logging and
> we'll see what's happening.
OK, I'm getting interested now - always a bad sign. You've obviously
percieved that I'm new to Linux but thanks to you and other kind people on
this list I'm learning fast.
After some experimentation I modified your suggested procmailrc file
slightly as follows:
PATH=/bin:/usr/bin:/usr/bin
MAILDIR=$HOME/mail #you'd better make sure it exists (or else
modify
#it to lowercase "mail")
#Don't understand this
(I know, man procmailrc)
#but tried the lowercase
option and it seemed OK
#DEFAULT=$MAILDIR/mbox #completely optional
# I opted out because
that's not the path to my users' mail files... they are all
# in /home/spool/mail.
LOGFILE=/var/log/procmaillog #recommended # I changed file name and
location mainly because I was
#getting tired of typing
cat /home/sites/home/users/[username]/mail/log - and
#also because the
previous version seemed to require me to create a directory
#called log in every
user's folder?
LOGABSTRACT=ALL #A "Good Thing" (tm)
VERBOSE=ON #If you need to debug you need this set "on"
#turn it off after you know stuff works as intended
#else your logfiles get to be huge.
After this the mail is getting through again, but mails containing the virus
signature strings are not being blocked.
/var/log/procmaillog looks like this (the first message contained one of the
:strings, the second didn't):
procmail: [24416] Fri Aug 3 01:23:33 2001
procmail: Skipped "0:sircam.lock"
procmail: Skipped "* B ?? Hi\! How are you(\?|=3F)"
procmail: Skipped "* 1^0 B ?? I send you this file in order to have your
advice"
procmail: Skipped "* 1^0 B ?? I hope you like the file that I send( t)?o
you"
procmail: Skipped "* 1^0 B ?? This is the file with the information that you
ask for"
procmail: Skipped "* B ?? See you later(\.|=2E) Thanks"
procmail: Skipped "/home/tmp/sircam"
>From mysending@address Fri Aug 3 01:23:33 2001
Subject: Eddie testing 10
Folder: /var/spool/mail/testuser 2304
procmail: [24536] Fri Aug 3 01:26:28 2001
procmail: Skipped "0:sircam.lock"
procmail: Skipped "* B ?? Hi\! How are you(\?|=3F)"
procmail: Skipped "* 1^0 B ?? I send you this file in order to have your
advice"
procmail: Skipped "* 1^0 B ?? I hope you like the file that I send( t)?o
you"
procmail: Skipped "* 1^0 B ?? This is the file with the information that you
ask for"
procmail: Skipped "* B ?? See you later(\.|=2E) Thanks"
procmail: Skipped "/home/tmp/sircam"
>From mysending@address Fri Aug 3 01:26:28 2001
Subject: Eddie testing 10
Folder: /var/spool/mail/eddie 1610
Presumably "Skipped" means the lines are not being executed?
Eddie