"Martin" wrote in message
t...



I started to kill the beast using filters, but there always seemed to be a
couple of new ones needed for each new onslaught.

I found that it was much less frustrating to use my Norton Antivirus which
has an email option that automatically sends anything containing a virus
in
its definitions file (which was automatically updated to include swen)
directly to the Deleted Items folder without human intervention. Then I
check that folder when convenient before deleting everything with a click.
So far it's worked 100%.

Marty K1FHR



My problem is not the attachments. My ISP kills them but then I get a
message saying that the email has been cleaned so it's still a deluge of
emails.

Dee D. Flint, N8UZE

Dee D. Flint wrote:
My problem is not the attachments. My ISP kills them but then I get a
message saying that the email has been cleaned so it's still a deluge of
emails.

Same here, after the first day and a half of the attached exe file
email, road runner kicked in and now I get the "This mail contained
name virus and has been deleted.

Jeff

--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." Benjamin Franklin
"A life lived in fear is a life half lived."
Tara Morice as Fran, from the movie "Strictly Ballroom"

Dee D. Flint wrote:
My problem is not the attachments. My ISP kills them but then I get a
message saying that the email has been cleaned so it's still a deluge of
emails.

Same here, after the first day and a half of the attached exe file
email, road runner kicked in and now I get the "This mail contained
name virus and has been deleted.

Jeff

--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." Benjamin Franklin
"A life lived in fear is a life half lived."
Tara Morice as Fran, from the movie "Strictly Ballroom"

"Jeffrey D Angus" wrote in message
...


Dee D. Flint wrote:
My problem is not the attachments. My ISP kills them but then I get a
message saying that the email has been cleaned so it's still a deluge of
emails.

Same here, after the first day and a half of the attached exe file
email, road runner kicked in and now I get the "This mail contained
name virus and has been deleted.

Jeff

That's interesting. My ISP doesn't kill the attachments, and that is
actually making it easier for me to get rid of all the follow-on garbage
too. With the NAV email option everything with that attachment gets routed
immediately to the Deleted Items folder and I don't have to spend time on
the individual messages. Maybe you can get them to quit killing them ;-)

"Jeffrey D Angus" wrote in message
...


Dee D. Flint wrote:
My problem is not the attachments. My ISP kills them but then I get a
message saying that the email has been cleaned so it's still a deluge of
emails.

Same here, after the first day and a half of the attached exe file
email, road runner kicked in and now I get the "This mail contained
name virus and has been deleted.

Jeff

That's interesting. My ISP doesn't kill the attachments, and that is
actually making it easier for me to get rid of all the follow-on garbage
too. With the NAV email option everything with that attachment gets routed
immediately to the Deleted Items folder and I don't have to spend time on
the individual messages. Maybe you can get them to quit killing them ;-)

David Stinson wrote:

I'm having good success with filtering the SWEN worm garbage
using these filter terms (*letter case and phrases count*):

Filtering for SUBJECT:
Pack, Net Security, Upgrade, Update, Internet, Returned Mail,
User unknown, Returned to Mailer, Critical, failure,
Letter, Advice, Announcement, Message, Latest, Bug, Error,
Notice, Network, Security, Undelivered Mail, Status Notification,
Undeliverable.

Filtering for SENDER:
Microsoft, MS, Internet, network, Net Email, Administrator, Customer,
webservice, Message, Mail Delivery, webbot

So far, it's nailing about 95% of the stuff.
Be sure to check trash before deleting it, since
I was catching one "good" user when I included "ms"
uncapitalized by mistake.

Good luck weathering the storm,
Dave Stinson AB5S


Now THAT is an example of a GREAT post! THANK YOU!!!
I just set up the filters using your info and it works great!

David Stinson wrote:

I'm having good success with filtering the SWEN worm garbage
using these filter terms (*letter case and phrases count*):

Filtering for SUBJECT:
Pack, Net Security, Upgrade, Update, Internet, Returned Mail,
User unknown, Returned to Mailer, Critical, failure,
Letter, Advice, Announcement, Message, Latest, Bug, Error,
Notice, Network, Security, Undelivered Mail, Status Notification,
Undeliverable.

Filtering for SENDER:
Microsoft, MS, Internet, network, Net Email, Administrator, Customer,
webservice, Message, Mail Delivery, webbot

So far, it's nailing about 95% of the stuff.
Be sure to check trash before deleting it, since
I was catching one "good" user when I included "ms"
uncapitalized by mistake.

Good luck weathering the storm,
Dave Stinson AB5S


Now THAT is an example of a GREAT post! THANK YOU!!!
I just set up the filters using your info and it works great!

On Tue, 23 Sep 2003 13:18:49 GMT, David Stinson
wrote:

I'm having good success with filtering the SWEN worm garbage
using these filter terms (*letter case and phrases count*):

Filtering for SUBJECT:
Pack, Net Security, Upgrade, Update, Internet, Returned Mail,
User unknown, Returned to Mailer, Critical, failure,
Letter, Advice, Announcement, Message, Latest, Bug, Error,
Notice, Network, Security, Undelivered Mail, Status Notification,
Undeliverable.

Filtering for SENDER:
Microsoft, MS, Internet, network, Net Email, Administrator, Customer,
webservice, Message, Mail Delivery, webbot

So far, it's nailing about 95% of the stuff.
Be sure to check trash before deleting it, since
I was catching one "good" user when I included "ms"
uncapitalized by mistake.

Good luck weathering the storm,
Dave Stinson AB5S


This one kills 100% of the ones I've gotten so far: (case insensitive)

Subject: (microsoft OR critical OR update OR patch OR pack OR security
OR upgrade)

FROM: (microsoft OR security OR MS OR public OR bulletin)

It seems to be a lot easier if you look for individual words to
target, rather than whole phrases.

-Scott

To reply to this message via e-mail, replace "fromrarp" in the e-mail address with "scott"