Yet Another antiVirus Recipe is a procmail that helps to filter out a lot of the most common e-mail worms. It detects worms with base-64 signatures (such as Klez, Hybris, and BugBear), HTML IFRAME exploits, CLSID hidden extension exploits, -XML code base exploits, executable extensions (bat, pif, vbs, vba, scr, lnk, com, and exe), and macros for doc, dot, xls, and xla files. It also detects most Nigerian scam e-mails.
|Tags||Communications Email Filters Security|
Release Notes: This release adds signatures for Bagle.zip, NetSky.Z, NetSky.AD, and Sober.I.
Release Notes: Several new signatures were added for Bagle.zip, Bagle.cpl, NetSky.AD, NetSky.L, NetSky.Q, and Blackmal.C. NetSky.L (Moodown) is a variable virus and the procmail trap is still on trial.
Release Notes: Many new signatures were added: Blackmal.C, Lovgate.X Mota.B, Bagle.AR, Bagle.AS, Bagle-zip, Netsky.AD, Bagle.AV, Bagle.AW, Bagle.cpl.
Release Notes: This release adds signatures for Mota.b, Download.JEct.c, NetSky.p, baglezip, and NetSky.M, and includes the .pi_ extension.
Release Notes: Signatures have been added for NetSky.p, Mota.b, baglezip, and MyDoom.o. More Mydoom.L & M handling has been added.