SwenDeleter tries to identify email messages infected with the Swen worm in POP3 mailboxes and delete them on the server. It applies some heuristics to the headers and size of the messages, in order to avoid downloading the actual email, thus making retrievals less taxing. It has both interactive and nonstop modes.
|Tags||Communications Email Filters|
|Operating Systems||OS Independent|
Release Notes: Handling of the threshold option was fixed.
Release Notes: In this version, the size threshold and highlighting are now parameters. The server, login, and password can be entered interactively.
Release Notes: Patterns were revised, taking a third study of the worm into account and some false negatives. Some bugs were fixed. The code was refactored.
Release Notes: The heuristics are now stronger and performance was improved. POP3 settings are now passed as parameters. Precompiled binaries for Windows were provided, and specific instructions for OS/2 were included. The code was also cleaned up.
Release Notes: Parameters are now read from the command line. Instructions for Windows users have been added. A distribution with a self-contained precompiled executable for Windows is provided.