zipcon.net

home *** CD-ROM | disk | FTP | other *** search

/ zipcon.net / www.zipcon.net.tar / www.zipcon.net / pub / mail / virus / procmailrc next >

Wrap

Text File | 2004-08-04 | 23KB | 406 lines

#VERBOSE=on #Set on when debugging #LOGFILE=$HOME/proclog MAILDIR=$HOME/Maildir/ DEFAULT=$HOME/Maildir/ #============================================================================= # Ryan's Anti-Virus Recipe # # Copyright (c) 2004 Ryan Grove (ryan@wonko.com). # All rights reserved. # # Performs content-based (as opposed to signature-based) filtering for # common email viruses using Procmail scoring. # # Emails that don't contain attachments are passed through immediately. All # other messages start with -500 points. Points are added for each test the # message fails. At the end of all the tests, if the message has a positive # score, "X-VirusPoints" and "X-VirusName" headers are added to it and it is # moved to the specified quarantine folder. # # All virus information was obtained from http://www.viruslist.com/. # # For updates, visit http://wonko.com/software/ravr/. #============================================================================= ############################################################################## # User Configurable Settings ############################ # Folder in which to quarantine virus-infected emails. VFOLDER=$HOME/Maildir-spam/ ############################################################################## # End of User Configurable Settings ################################### LINEBUF=32768 NL=" " :0B * (Content-Disposition: attachment|Content-Transfer-Encoding: base64) { # Test virus :0WHBf * -500^0 * 600^0 ^Subject: virusfiltertest |formail -I "X-VirusPoints: $= ${NL}X-VirusName: Test" :0 a: $VFOLDER # I-Worm.Bagle.a :0WHBf * -500^0 * 100^0 ^Subject: Hi$ * 300^0 Test \=\) * 300^0 Test, yep\. |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Bagle.a" :0 a: $VFOLDER # I-Worm.Bagle.b :0WHBf * -500^0 * 300^0 ^Subject: ID [a-z]+\.\.\. thanks * 300^0 Yours ID [a-z]+ |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Bagle.b" :0 a: $VFOLDER # I-Worm.Bagle.c # I-Worm.Bagle.d # I-Worm.Bagle.e :0WHBf * -500^0 * 300^0 (Cya|Empty|Everything inside the attach|Look it through|Request|Response|Subj) * 300^0 ^Subject: (Hi!|New Price-list|Price|Price list|Price-list|Pricelist|Well...) * 300^0 name=.*\.zip * 400^0 ^Subject: (Accounts department|Ahtung!|Camila|Daily activity report|Flayers among us|Freedom for everyone|From (Hair-cutter|me)|Greet the day|Hardware devices price-list|Hello my friend|Jenny|Jessica|Looking for the report|Maria|Melissa|Monthly incomings summary|Proclivity to servitude|Registration confirmation|The (account|employee|summary)|USA government abolishes the capital punishment|Weekly activity report|Well\.\.\.|You are dismissed|You really love me\? he he) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Bagle.c/d/e" :0 a: $VFOLDER # I-Worm.Bagle.f # I-Worm.Bagle.g # I-Worm.Bagle.h :0WHBf * -500^0 * 200^0 ^Subject: :\) * 300^0 (archive password:|password for archive:) * 300^0 ^Subject: (Aline|Anne|Audra|Barbi|Caitie|caroline|Jammie|Juli|Julie|kate|Katrina|Kelley|kleopatra|Lisa|Mandy|Mary|Mary-Anne|rebecca|Rena|Sara|stacy|Tammy) * 300^0 ^Subject: (Bad girl|beautiful|Fotograf|Gallery photos|groom|My beautiful person|My photos) * 300^0 Argh, i don't like the plaintext :\) * 300^0 Don''''t worry I don''''t bite * 300^0 Fell free to chat with me I accept all ages. * 300^0 Hey people whats goin on\? If there is anything you want to know about me ask me... * 300^0 Hey, guys! by the way, I have no problems with my sexual life, * 300^0 I am from Taiwan but I study in Camden, New Jersey now. * 300^0 name=.*\.(exe|scr|zip) * 400^0 ^Subject: (ello! =\)\)|Hey, dude, it's me \^_\^ :P|Hey, ya! =\)\)|Hi! :-\)|Hokki =\)|Wau... beautiful $-:|Weah, hello! :-$|Weeeeee! ;\)\)\)) * 400^0 ^Subject: (My Name is Frenk|My photoalbum|Myphotos|Photoalbum) * 400^0 ^Subject: \^_\^ (meay-meay!|mew-mew $-:) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Bagle.f/g/h" :0 a: $VFOLDER # I-Worm.Bagle.i # I-Worm.Bagle.j :0WHBf * -500^0 * 200^0 (For more information|Further details|Advanced details|For details|For further details|Please,|Pay attention) (see the|can be obtained from|can be found in|read the|on) (attached file|attach) * 200^0 (the attached file is password protected|Attached file protected with the password|In order to read the attach) * 200^0 account has been temporarily disabled because of unauthorized access\. * 200^0 Our antivirus software has detected a large ammount of viruses * 200^0 Our main mailing server will be temporary unavailable for next two days, * 200^0 Some of our clients complained about the spam \(negative e-mail content$ * 200^0 We warn you about some attacks on your e-mail account\. * 200^0 Your e-mail account will be disabled because of improper using * 300^0 (Dear user of .*,|Hello user of .* e-mail server,|Dear user, the management of .* mailing system wants to let you know that,) * 300^0 ^Subject: (E-mail|Email) account (security|utilization|disabling) warning * 300^0 ^Subject: (Notify|Warning|Important notify) about (using the|your) e-mail account * 300^0 name="(Attach|Information|Readme|Document|Info|TextDocument|TextFile|MoreInfo|Message)\.(exe|pif|zip) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Bagle.i/j" :0 a: $VFOLDER # I-Worm.Dumaru.a :0WHBf * -500^0 * 300^0 ^From: "Microsoft" <security@microsoft.com> * 500^0 ^More than 500.000 already infected! * 500^0 ^Subject: Use this patch immediately ! |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Dumaru.a" :0 a: $VFOLDER # I-Worm.Gibe :0WHBf * -500^0 * 200^0 (MS|Microsoft) (Client|Consumer|Customer|Partner|User) * 200^0 name="(patch|install|q|update).*\.exe" * 200^0 of all previously released patches\. * 200^0 this is the latest version of security update, the * 200^0 This update includes the functionality * 500^0 200(3|4), Cumulative Patch" * 500^0 MS Internet Explorer, MS Outlook and MS Outlook Express |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Gibe" :0 a: $VFOLDER # I-Worm.Hybris :0WHBf * -500^0 * 300^0 ^From: Hahaha <hahaha@sexyfun.net> * 300^0 ^Subject: Snowhite and the Seven Dwarfs - The REAL story! * 300^0 Suddlently, the door open, and the Seven Dwarfs enter * 300^0 The 7 Dwarfs always where very educated * 300^0 Today, Snowhite was turning 18 * 300^0 When they go out work at mirnign, they promissed * 500^0 filename="midgets\.scr" |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Hybris" :0 a: $VFOLDER # I-Worm.Klez :0WHBf * -500^0 * 100^0 ^Subject: (how are you|let's be friends|darling|your password|honey|some questions|please try again) * 100^0 name=.*\.(txt|htm|wab|asp|doc|rtf|xls|jpg|cpp|c|pas|mpg|mpeg|bak|mp3|pdf) * 400^0 ^Subject: (so cool a flash,enjoy it|japanese girl VS playboy|look,my beautiful girl friend|spice girls' vocal concert|japanese lass' sexy pictures|Undeliverable mail --|Returned mail --) * 500^0 ^Subject: (W32.Elkern|W32.Klez.E) removal tools * 500^0 ^Subject: Worm Klez.E immunity |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Klez" :0 a: $VFOLDER # I-Worm.Mimail :0WHBf * -500^0 * 100^0 ^Subject: your account * 200^0 Please read attachment for details * 200^0 This email address will be expiring * 300^0 Best regards, Administrator * 300^0 I would like to inform you about important information regarding your |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mimail" :0 a: $VFOLDER # I-Worm.Mimail.c :0WHBf * -500^0 * 300^0 ^Subject: Re\[2\]: our private photos.+ * 300^0 All our photos which i've made at the beach $even when u're without ur bh:$\) * 300^0 Finaly i've found possibility to right u, my lovely girl :\) * 300^0 name="photos\.zip" * 300^0 photos are great! This evening i'll come and we'll make the best SEX :\) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mimail.c" :0 a: $VFOLDER # I-Worm.Mimail.h # I-Worm.Mimail.k :0WHBf * -500^0 * 100^0 It's all written there\. See you\. * 200^0 And yes, by the way here is the file you asked for * 200^0 Will meet tonight as we agreed, because on Wednesday I don't think I'll make it * 300^0 name="readnow\.zip" * 300^0 WUNKoF6iXiGHHdIIpKYRqLLjPM2qIKxjsF422R57D7dNg8cut3ALFiIn2yqmdHgq/MwwWF9qCmg4 * 400^0 ^Subject: don't be late![ ]+ |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mimail.h/k" :0 a: $VFOLDER # I-Worm.Mimail.i :0WHBf * -500^0 * 100^0 secure application within the next five business days then * 100^0 services then you will need to run the application that we * 100^0 will be expiring within five business days\. We apologize * 200^0 ^From: donotreply@paypal\.com * 300^0 ^Subject: YOUR PAYPAL\.COM ACCOUNT EXPIRES * 400^0 name="www\.paypal\.com\.scr" |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mimail.i" :0 a: $VFOLDER # I-Worm.Mimail.j :0WHBf * -500^0 * 50^0 Dear PayPal member, * 200^0 ^Subject: IMPORTANT * 300^0 ^From: Do_Not_Reply@paypal\.com * 300^0 name="(www\.paypal\.com\.pif|InfoUpdate\.exe)" * 300^0 We regret to inform you that your account is about to be expired in next five business days |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mimail.j" :0 a: $VFOLDER # I-Worm.Moodown.b :0WHBf * -500^0 * 300^0 ^Subject: (fake|hello|hi|information|read it immediately|something for you|stolen|unknown|warning) * 300^0 (about me|anything ok\?|AnythingOk\?|do you\?|from the chatter|greetings|here|here is the document\.|here it is|here, the (cheats|introduction|serials)|i found this document about you|I have your password!|i hope it is not true!|i wait for a reply!|i'm waiting|information about you|is that (from you|true|your account|your name)\?|kill the writer of this document!|misc|my hero|ok|read (it immediately!|the details\.)|reply|see you|something about you!|something is (fool|going wrong)|stuff about you\?|take it easy|that is bad|that's funny|thats wrong|what does it mean\?|why\?|yes, really\?|you (are a bad writer|are bad|earn money|feel the same|try to steal)|your name is wrong) * 300^0 name=.*\.(exe|pif|scr) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Moodown.b" :0 a: $VFOLDER # I-Worm.Mydoom.b :0WHBf * -500^0 * 100^0 ^Subject: (test|hi|hello|Mail Delivery System|Mail Transaction Failed|Server Report|Status|Error) * 300^0 Mail transaction failed\. Partial message is available\. * 300^0 sendmail daemon reported: Error #804 occured during SMTP session\. Partial message has been received * 300^0 The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment\. * 300^0 The message contains MIME-encoded graphics and has been sent as a binary attachment * 300^0 The message contains Unicode characters and has been sent asa binary attachment\. * 400^0 name="(document|readme|doc|text|file|data|test|message|body|scdjjno)\.(pif|scr|exe|cmd|bat|zip)" |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mydoom.b" :0 a: $VFOLDER # I-Worm.Mydoom.e :0WHBf * -500^0 * 200^0 (Greetings|See you|Here it is|You are bad|Take it|Reply|Please, reply|Okay|OK|Everything ok\?|Check the attached document|The document was sent in compressed format\.|Please see the attached file for details\.) * 200^0 ^Subject: (hello|hi|Announcement|forget|bug|unknown|fake|Wanted) * 200^0 name="(body|message|test|data|file|text|readme|document|doc|msg|photo|resume|image|object|website|friend|joke|approved|paypal|disc|misc|part|mail|list|story|about|money|check|product|notes|your_document|note|information|textfile|posting|post|stuff|attachment|creditcard|details) * 300^0 (Details are in the attached document\. You need Microsoft Office to open it\. Information about you|We have received this document from your e-mail\.|Kill the writer of this document!|Something about you|I have your password :\)|You are a bad writer|Is that yours\?|Is that from you\?|I wait for your reply\.|Here is the document\.|Read the details\.|I'm waiting) * 300^0 ^Subject: (read now!|recent news|Read this message|please read|please reply|Thank You very very much|You use illegal File Sharing...|Your IP was logged|Your account is about to be expired|Love is) * 300^0 ^Subject: (Your (order|request) (was registered|is being processed)|Your credit card|Read it immediately|Something for you|For your information|You have 1 day left|Your account has expired) * 300^0 name=.*\.(exe|scr|com|pif|bat|cmd|zip|doc|htm|rtf|xls|jpg|gif|png|txt) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Mydoom.e" :0 a: $VFOLDER # I-Worm.Netsky.c # I-Worm.Netsky.e :0WHBf * -500^0 * 200^0 ^Subject: (believe me|dear|Delivery Failed|denied!|error|exception|excuse me|fake\?|good morning|hello|Here is it|hey|hi|I'm back!|illegal\.\.\.|important|info|its me|last chance!|lol|moin|notice!|notification|private\?|Question|question|re:|Re: <5664ddff\?\$\?\?\?2>|Re: does it\?|Re: does it\?|Re: excuse me|Re: hello|Re: hey|Re: hi|Re: important|Re: information|Re: Re: Re: Re:|Re: unknown|read it immediatelly|report|something for you|Status|stolen|take it|trust me|warning|what's up\?|Yep|you\?)$ * 300^0 (\*lol\*|09580985869gj|\<\.\.\.\>|\<\<\<FAILURE\>\>\>|\<ANTISPAM complete\>|\<ATTACHMENT 34933920 Signature\>|\<ATTACHMENT Poland from\>|\<AUTOMAILER\>|\<CLICK decrypt to attachment the\>|\<DELIVER Error\>|\<FAILED available message\>|\<MAIL failed\>|\<MESSAGE Error\>|\<NULL\>|\<SERVER Error\>|\<TRANSFER complete\>|a crazy doc about you|abuse\?|account\?|already\?|another pic, have fun! \.\.\. :-\>|Antispam is turned off\. See file!|are you (a photographer\?|a teacherin the picture\?|cranky\?|the naked one\?|the naked person!|the one\?)|Attached Msg|attachi#|Authentification required\. Read the att\.\.\.|bad gateway|be mad\?|best\?|bob the builder|child or adult\?|child porn\?|classroom test of you\?|copyright\?|correct it!|did you (ask me for that\?|know from this document\?|know that\?|see her already\?|sent it to me\?)|do not (give up!|open the attachment!|show this anyone!|use my document!|visit the pages on the list I se\.\.\.)|do you have (an orgasm in the picture\?|sex in the picture\?|the bug also\?|\?)|do you (know the thief\?|know this\?\?\?\?|think so\?)|doc about me\?|doc\?|docs\?|does it (belong to you\?|match\?|matter\?)|drugs\? \.\.\.|excellent!|explain!|fast food\.\.\.|feel free to use it|File is (bad\.|damaged\.|self-decryting\.)|forgotten\?|from the chatter $my photo!$|from your lover ;-\)|gonna\?|good work!|great job!|great xxx!|great!|greetings|help attached|her\.|here is (it\.|my advice|my photo!|the \$%%454\$|the \<CENSORED\>|the document\.|the next one!|yours!)|here, the (cheats|introduction|serials)|how\?|I 've found your bill!|i am (desperate|speachless about your document!)|I don't (know your document!|think so\.|want your xxx pics!)|i found (that about you!|this document about you\.)|i have (received this\.|your password!)|i hope thats not true!|i know your document!|i like your doc!|i lost that|i need you!|i saw you last week!|I wait for (an answer!|your comment about it\.)|i want more\.\.\.|i've found it about you|illegal st\. of you\?|important\?|in your mind\?|incest\?|information about you\?|Instant patches|instruct me about this!|is that (criminal|possible|the reality|true)\?|is that your (account|attachment|beast|car|cd|creditcard|domain|family|finger|message|name|photo|porn pic|privacy|slip|TAN|website|wife|work)\?|is that yours\?|is the pic a fake\?|is this information about you\?|it's a secret!|it's so similar as yours!|its private from me|kill him on the picture!|kill the writer of this document!|let it!|lets talk about it!|Login required! Read the attachment!|love letter\?|man or women\?|meaning of that\?|message\?|Microsoft|misc\. and so on\. see you!|modifications\?|money\?|msg|my advice\.\.\.\.|never!|new patch is available!|ok\.\.\.|old photos about you\?|only encrypted!|pages\?|personal message!|picture\?|poor quality!|possible\?|pretty pic about you\?|pwd\?|read it immediately!|read the details\.|really\?|reply|scanned by norton antivirus|schoolfriend\?|see this!|see your name!|solve the problem!|something about you!|something is (going \.\.\.|going wrong!|not ok)|stuff about you\?|such as yours\?|take it easy!|tell me more about your document!|test it|that is interesting\.\.\.|that's a funny text\.|that's not the truth\?|thats wrong!|the information is wrong!|the truth\?|this file is bad!|this is (an attachment message!|nothing for kids!)|time to fear\?|Transaction failed\. Show the doc!|trial\?|try this patch!|Warning from the Government|what do you think about it\?|what means that\?|what still\?|what\?|who\?|why should I\?|why\?|wrong calculation! $see the attachment!\.\.\.|xxx \?|xxx about you\?|xxx service|yes\.|you are (a bad writer|bad|infected\. Read the details!|naked in this document!|sexy in this doc!)|you cannot hide yourself! \(see photo$|you earn money, see the attachment!|you feel the same\.|you have a sexy body in the pic!|you have done a mistake in the document\.\.\.|you have tried to steal!|you look like an (ape!rat\?)|you won the rk!|your account is expired!|your are naked\?|your attachment\? verify it\.|Your bill\.|your body\?|your design is not good!|your document is (not goodsilly!)|your eyes\?|your face\?|your hero in the picture\?|your icq number\?|your job\? $I found that!$|your lie is going around the world!|your name is wrong!|your personal record\?|your photo is poor|Your provider will be disabled!|your TAN number\?|yours\?) * 300^0 name=.*\.(com|doc|exe|htm|pif|rtf|scr|txt|zip) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Netsky.c/e" :0 a: $VFOLDER # I-Worm.Netsky.d :0WHBf * -500^0 * 200^0 (Your document is attached.|Here is the file.|See the attached file for details.|Please have a look at the attached file|Please read the attached file.|Your file is attached.) * 300^0 ^Subject: Re: (Thanks!|Your document|Here is the document|Your picture|Hi|Hello|Here|Your music|Your software|Approved|Details|Excel file|Word file|My details|Your details|Your bill|Your text|Your archive|Your letter|Your product|Your website) * 300^0 ^Subject: Re: Re: (Document|Thanks!|Message) * 300^0 ^Subject: Re: Re: Re: Your document * 300^0 name=.*\.pif |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Netsky.d" :0 a: $VFOLDER # I-Worm.Netsky.f # I-Worm.Netsky.g :0WHBf * -500^0 * 300^0 ^Subject: Re: (Approved|Details|Document|Excel file|Hello|Here|Here is the document|Hi|My details|Re: (Document|Message|Re: Your document|Thanks!)|Thanks!|Word file|Your (archive|bill|details|document|letter|music|picture|product|software|text|website)) * 300^0 (Here is the file|Please (have a look at|read) the attached|See the attached file for details|Your (document|file) is attached) * 300^0 name=.*\.(pif|zip) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Netsky.f/g" :0 a: $VFOLDER # I-Worm.Netsky.p :0WHBf * -500^0 * 300^2 (Congratulations!, your best friend|Do not visit this illegal websites!|For further details see that attachment|Greetings from france, your friend|Here is my phone number|I cannot believe that|I found this document about you|I have attached it to this mail|If the message will not displayed automatically,|follow the link to read the delivered message|Please confirm!|Protected message is available|Received message is available at:|Waiting for authentification|Your file is attached) * 300^0 name=(details.*|document.*|message|message\.doc|old_photos\.txt|part.*|postcard_.*|websites.*|your_document)\.(pif|scr|zip) * 200^0 ^Subject: (Mail Delivery $failure .*$|Postcard|(Private|Stolen) document|Re:(document|Extended Mail System|Hello|Notify|Proctected Mail System|Question)) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Netsky.p" :0 a: $VFOLDER # I-Worm.Sircam :0WHBf * -500^0 * 300^0 (Hi! How are you\?|Hola como estas \?) * 300^0 (See you later\. Thanks|Nos vemos pronto, gracias\.) * 300^0 (Espero (me puedas ayudar con el archivo que te mando|te guste este archivo que te mando)|Este es el archivo con la informaci≤n que me pediste |I hope you (can help me with this file that I send|like the file that I send to you)|I send you this file in order to have your advice|Te mando este archivo para que me des tu punto de vista|This is the file with the information that you ask for) * 300^0 name=.*\.(bat|com|doc|exe|lnk|pif|xls|zip) |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Sircam" :0 a: $VFOLDER # I-Worm.Sobig.a :0WHBf * -500^0 * 300^0 ^From: big@boss\.com * 300^0 ^Subject: Re: (Movies|Sample|Document|Here is that sample) * 300^0 name="(Movie_0074\.mpeg|Document003|Untitled1|Sample)\.pif" |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Sobig.a" :0 a: $VFOLDER # I-Worm.Sobig.f :0WHBf * -500^0 * 50^0 Please see the attached file for details * 50^0 See the attached file for details * 200^0 ^Subject: (Re: )?Thank you! * 200^0 ^X-MailScanner: Found to be clean * 400^0 ^Subject: (Re: )?That movie * 400^0 ^Subject: (Re: )?Wicked screensaver * 400^0 ^Subject: Re: Approved * 400^0 ^Subject: Re: Details * 400^0 ^Subject: Re: Re: My details * 400^0 ^Subject: Re: Your application * 400^0 ^Subject: Your details * 400^0 name="(movie0045|wicked_scr|application|document_9446|details|your_details|thank_you|document_all|your_document)\.pif" |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Sobig.f" :0 a: $VFOLDER # I-Worm.Torvil.a :0WHBf * -500^0 * 100^0 ^Subject: (Pr0n!|Undeliverable mail--|Returned mail--|here's the document|Hello,) * 200^0 ^Subject: Who should read this bulletin: Users running Microsoft Windows * 300^0 ^Subject: (Do not release, its the internal rls!|Here's a nice Picture|NewInternal RIs\.\.\.|here's the archive you requested) * 300^0 dOnT gIvE iT aWaY\.\.\. iTs cOnFiDeNtIaL \=\) * 300^0 It's Important that you apply this fix now since we estimate the Buffer * 300^0 Overflow is at a Critical Level * 300^0 Real outtakes from Sex in the City!! Adult content!!! * 300^0 Vulnerability described in MS05-023 * 400^0 name="(Q723523_W9X_WXP_x86_EN|yourwin|probsolv|flt-xb5|document|sexinthecity|torvil|win\$shitrulez|sex|flt-ixb23|readit|document1)\.(bat|exe|jpg|pif|rar|scr|zip)" |formail -I "X-VirusPoints: $= ${NL}X-VirusName: I-Worm.Torvil.a" :0 a: $VFOLDER }