[ILUG] [OT] 'doze attacks
Lars Hecking
lhecking at nmrc.ie
Tue May 14 12:30:14 IST 2002
Niall O Broin writes:
> Is it just me or is the incidence of 'doze trojans increasing hugely ? I
> reconfigured fetchmail on my box here a while ago not to fetch anything
> bigger than 100K and if I see anything skipped I'll ssh into the mail server
> at my convenience to have a look. It can be be a large attachment someone
> has sent me for business reasons but in the last two weeks I'm suddenly
> getting lots of obvious 'doze trojans in attachments. Has the general level
> of such gone up in the world or has one of my addresses just ended up
> somewhere unsavoury ?
Klez variants, as noted elsewhere. Define "lots" :)
My amavis setup hasn't caught a single one of them - because they're neatly
blocked with postfix body checks :)
I have blocked around 1500 Klez infected mails so far, about 900 of which
were targeting $self. One of my fellow amavis developers told me he's
getting about 300/day ...
More information about the ILUG
mailing list