[OT] Re: ATTACK TO MY SYSTEM

From: Steven Cole
Date: Tue Sep 23 2003 - 10:00:49 EST

Next message: David Mosberger: "Re: NS83820 2.6.0-test5 driver seems unstable on IA64"
Previous message: Justin Piszcz: "2.4.22 ide-scsi code broken"
In reply to: J.A. Magallon: "Re: ATTACK TO MY SYSTEM"
Next in thread: Wakko Warner: "Re: [OT] Re: ATTACK TO MY SYSTEM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

First, apologies to all since this is technically offtopic, but there
does seem to be enough interest in this subject that I'll provide a
short answer here.

On Tue, 2003-09-23 at 07:40, J.A. Magallon wrote:
> On 09.23, Mike Galbraith wrote:
> > At 11:12 AM 9/23/2003 +0200, german aracil boned wrote:
> >
> > >Please
> > >
> > >I have an important attack in my system!
> > >I received many mails from many nets! with virus attachment.
> > >I don't have virus in my unix system. But people send mails with my mail
> > >address. Please see mail's header. It's not from my system ip.
> > >
> > >I close now my system to more of 700 nets!! and continuous receiving
> > >mails now :(:(:(
> >
> > You aren't alone, I'm getting the same crap in my lkml account. I'm using
> > a pop previewer with filter to nuke it. I don't know what else you can do
> > about it other than to nuke the account, or hope that the ignorant twit
> > who's doing this manages to irritate one of the network gods.
> >
>
> Me too.
> Some pointer to that pop previewer ?
> Filter based on attachments ?

The problem with the W32.Swen.A@mm worm/virus became severe enough that
my home account on 56k dialup was almost unusable. I've been getting
hundreds of these large emails per day for the past several days, and
the problem seems to be getting worse, not better.

At my home account, I've switched from Evolution to Kmail for my MUA.
Under receiving options, you can select 'Filter messages if they are
greater than' some value you put in. I've selected 40K, and this
results in a few false positives, but Kmail allows you to then select
each message individually to be received, stay on the pop server, or get
trashed. This is clearly suboptimal, but better than getting all that
junk. It would be nice if 'getting trashed' was selectable as the
default, but that's a Kmail development issue.

Others have posted more elegant solutions using procmail. Perhaps some
email gurus can put together a FAQ and post its URL. Thanks in advance
if you do.

Steven

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Mosberger: "Re: NS83820 2.6.0-test5 driver seems unstable on IA64"
Previous message: Justin Piszcz: "2.4.22 ide-scsi code broken"
In reply to: J.A. Magallon: "Re: ATTACK TO MY SYSTEM"
Next in thread: Wakko Warner: "Re: [OT] Re: ATTACK TO MY SYSTEM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]