Spam update -- getting somewhere

Gerard Beekmans gerard at linuxfromscratch.org
Fri Mar 19 08:03:40 PST 2004


Hi guys,

I wasn't have much luck with the software we're using. Turns out that
spamassassin doesn't scan the headers that belong to attachments, so I
couldn't filter on those Content-Type: headers that tell you a zip file
is attached. That's fixed now, got the source code so I made some
changes and it will now scan the entire message as I think it should,
including encoded attachments (scans take a bit longer now but that's
not a big deal).

pif, exe, scr and com attachments will receive a score of 10.0 which
means they are rejected before they hit the mailinglist software.

zip files are dealt with a bit differently because some of us do receive
legitimate zip files so I have to configure the individual lists to scan
for ZIP_ATTACHMENT in the X-Spam-Status: header and if it's there, block
the message from the list.

Still can't find a global blacklist in Mailman so I will add these
ZIP_ATTACHMENT blocks to every list individually, won't take very long.

Regarding HTML spam that don't include attachments, I'll start blocking
those on a per-list basis. Some lists may want to allow html mail
(blfs-support *might*) to help people with broken mailers.

I'm blocking zip and html mails from lfs-dev and all other lists
(patches, hints, and so forth) except blfs ones. I've CC'ed blfs-dev so
if one of you guys can let me know if you want to keep allowing HTML
mail on blfs-* or not.


-- 
Gerard Beekmans

/* If Linux doesn't have the solution, you have the wrong problem */




More information about the blfs-dev mailing list