Newest Security Update (fwd)
Chuck Yerkes
chuck+baylisa at 2003.snew.com
Fri Sep 19 11:33:15 PDT 2003
Quoting David Wolfskill (david at catwhisker.org):
> >From: Russ Witte <rjwitte at rjwitte.com>
>
> >Anyone else getting some sort of variation of this? I've received about 10
> >or 12 over the last 48 hours along with an exe file (removed). Very good
> >social engineering ...
Hmmm, 160 in my personal mail since Thurs AM (35hrs?).
> Yeah, been getting 'em both at home and at baylisa.org; have yet to see
> them at freebsd.org. I think a sendmail "milter" that would nuke *.exe
> messages would be appropriate.
mimedefang will do this.
Sendmail Inc has an attachment milter, but you've got to
have switch, and that puts it into the 5 figure range
(I can do < $1000 without much approval, but solid 5 figures
means that this thing has to buff management's shoes and
integrate with HP OV well).
If you have Switch, already, there's an easy milter.
If not, mime-defang it.
More information about the Baylisa
mailing list