Filtering virus-related e-mails?
Francois Pinard
pinard at iro.umontreal.ca
Wed Aug 27 16:21:34 EDT 2003
[Michael Hudson]
> I gather virus warning emails are quite hard to filter due to each virus
> program having a different format.
As my own name has been much (ab)used in `From' lines for such virus, I've
been receiving a great deal of such rejects for many days. It peeked at
around 5000 per day, but this is now decreasing.
Despite I use a few filtering devices already (spambayes is one of them!), a
lot was going through, and I had to spend the last two days for teaching my
-- unpublished -- filters how to do a better job for that overwhelming mass
of meta-email about viruses that was (incorrectly) sent back to me. The
thing now seem efficient enough, yet still, a few are slipping through.
I've nothing against sharing my code. On the other hand, I might not be
available enough to promise support: this has been written to solve personal
needs and might use configuration choices that would not please others.
Some anti-spam tools have a lot, lot more knowledge than my own filters.
Moreover, for the above processing, I did the work in a rush, not seeking
the ideal parameterisation. Also, the overall thing might be a bit tersely
documented. But if it could give ideas to the Python list maintainers (or
anyone else), I'm quite willing to make it available on request.
> Ten minutes after instituting the clever hack that saved mail.python.org,
> about 250 hosts were being rejected at the firewall level.
What is that clever hack? I'm mostly curious, but maybe interested too! :-)
--
François Pinard http://www.iro.umontreal.ca/~pinard
More information about the Python-list
mailing list