Need a SpamAssassin rule for sober.p worm
Posted on 2005-05-05
I am running procmail with Spam Assassin 2.63 on a FreeBSD server. I am new to spam assassin and have some difficulty understanding the syntax. Does anyone have a rule written to filter out the bombardment of mail with the sober.p virus attached?
The subject lines include:
Re: mailing error
Re: Registration Confirmation
Re: Your email was blocked
Re: Your Password
I also see that although spam assassin may mark many of these messages as spam, it still lets them through to the user. Is there a way that they can be bounced or deleted immediately?
Please help, when our mailboxes fill up it shuts down our ecommerce shared webserver at Verio!