North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: other virus damages/costs.....(hello skynet.be ?)
On Mon, 2 Feb 2004, Randy Bush wrote: : # MyDoom craziness : : : * ^Subject:.*(\ Actually, Mydoom has a very detectable signature. It has both X-Priority and X-MSMail-Priority headers, but *neither* a X-Mailer nor X-MimeOLE header. These conditions make, for instance, SpamAssassin catch the worm easily. Based on all the available mailboxes I can scan from here, such a check should kill only Mydoom [and some spam]. Rolled that into a milter, and poof! -- -- Todd Vierling <[email protected]> <[email protected]>
|