Home of the ColdFusion Community
|
Mailing Lists
|
Home /
Groups /
ColdFusion Talk (CF-Talk)
VIRUS ALERT!!! (Your details)
Author: Yves Arsenault
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:26520#133379
You da man!
I've been on a PHP list for a bit as I'm trying to learn some (kind of
forced into it through work...) and I've seen multiple posts that appear to
contain viruses in the last couple of days.
Yves Arsenault
Carrefour Infotech
5, Acadian Dr.
Charlottetown, PEI
C1C 1M2
yves@carrefour.peicaps.org
(902)368-1895 ext.242
ICQ #117650823
And the answer it yes, there is something more efficient I can do for the
mail
system.
REFindNoCase('\.(pif|scr)$', odsmime_query.filename)
Will return true (i.e. not 0) if there's a .pif or .scr extension on an
attachment in the post. I love my system. :)
> I've been using CF to process the list mail for years now and the
anti-spam
stuff has come out of it. I just added in a new piece that first looks at
the
subject like so:
> REFindNoCase('Thank you|Your details|Approved|Details|Wicked
screensaver|That
movie|Your application', modsubject)
> and if this is true, does another REFindNoCase on the body (i.e. CFIF x
AND
y).
> Due to the wonders of short circut boolean evaluation, the body search
doesn't
go off unless the subject search returns true, saving a lot of processing.
> I'm looking at the raw posts to see if there's something even more
efficient.
If there is, I'll put it in.
> Have I mentioned that I love my mail system. :)
> >mike....what did you do to block those? with self modifying
> >senders....by subject?
>
Author: Michael Dinowitz
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:26520#133349
And the answer it yes, there is something more efficient I can do for the mail
system.
REFindNoCase('\.(pif|scr)$', odsmime_query.filename)
Will return true (i.e. not 0) if there's a .pif or .scr extension on an
attachment in the post. I love my system. :)
> I've been using CF to process the list mail for years now and the anti-spam
stuff has come out of it. I just added in a new piece that first looks at the
subject like so:
> REFindNoCase('Thank you|Your details|Approved|Details|Wicked
screensaver|That
movie|Your application', modsubject)
> and if this is true, does another REFindNoCase on the body (i.e. CFIF x AND
y).
> Due to the wonders of short circut boolean evaluation, the body search
doesn't
go off unless the subject search returns true, saving a lot of processing.
> I'm looking at the raw posts to see if there's something even more
efficient.
If there is, I'll put it in.
> Have I mentioned that I love my mail system. :)
> >mike....what did you do to block those? with self modifying
> >senders....by
subject?
Author: Michael Dinowitz
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:26520#133332
I've been using CF to process the list mail for years now and the anti-spam stuff
has come out of it. I just added in a new piece that first looks at the subject
like so:
REFindNoCase('Thank you|Your details|Approved|Details|Wicked screensaver|That
movie|Your application', modsubject)
and if this is true, does another REFindNoCase on the body (i.e. CFIF x AND y).
Due to the wonders of short circut boolean evaluation, the body search doesn't go
off unless the subject search returns true, saving a lot of processing.
I'm looking at the raw posts to see if there's something even more efficient. If
there is, I'll put it in.
Have I mentioned that I love my mail system. :)
>mike....what did you do to block those? with self modifying
>senders....by
subject?
Author: Tony Weeg
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:26520#133329
mike....what did you do to block those? with self modifying
senders....by subject?
tony weeg
uncertified advanced cold fusion developer
tony at navtrak dot net
www.navtrak.net
office 410.548.2337
fax 410.860.2337
I've modified the list spam code to catch these. As normal for the
lists, we're safe from all attachments but a list member or two MAY be
infected and the new code will keep the messages away so to avoid the
annoyance. Note that these viruses are using email addresses OTHER than
the true sender. I've had a number sending as bh@houseoffusion.com and
this is an address that only exists hidden on web pages as a black hole.
----- Excess quoted text cut - see Original Post for more -----
Author: Michael Dinowitz
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:26520#133323
I've modified the list spam code to catch these. As normal for the lists, we're
safe from all attachments but a list member or two MAY be infected and the new
code will keep the messages away so to avoid the annoyance. Note that these
viruses are using email addresses OTHER than the true sender. I've had a number
sending as bh@houseoffusion.com and this is an address that only exists hidden
on web pages as a black hole.
----- Excess quoted text cut - see Original Post for more -----
Author: Tony Weeg
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:26520#133318
watch out guys, im getting like 10 emails a minute that's all virus,
called soBig
I guess its flying around like crazy....
plus another one just came from security@microsoft.com called patch.exe
not nice.
good luck all.
tony weeg
uncertified advanced cold fusion developer
tony at navtrak dot net
www.navtrak.net
office 410.548.2337
fax 410.860.2337
Please see the attached file for details.
|
May 24, 2012
|
Latest Fusion Authority Articles
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
