Quoting Dan Hollis <goemon@anime.net>:
I am curious how network operators are dealing with the latest w32/bagle variants which seem particularly evil.
Also, does anyone have tools for regexp and purging these mails from unix mailbox (not maildir) mailspool files? Eg purging these mails after the fact if they were delivered to user's mailboxes before your virus scanner got a database update.
I am also interested in what network/mail folks are doing about this situation. Blocking all zip files at the mail level is next to impossible (since of course when we started blocking executable files, we told people to zip up executables) and since business can't be taken care of without someone requiring zip files to pass. I will be the first to admit that using mail as a file transfer protocol isn't the way to go, but getting people to realize that (and forcing them to change) is next to impossible. Brian