Don’t run unexpected attachments

OK, folks, repeat after me: Don’t run unexpected attachments.

If you get email, and it has an attachment, and either you’re not actually expecting it, or the message body does not clearly explain what the attchment is, then delete it. It’s just that simple.

If it was from someone you know, contact them personally and ask them what it was that they sent you.

The latest worm/virus is yet another testament that people simply *refuse* to learn this simple lesson. But this one makes it stand out even more.

I mean, come on folks. The subject line is “Hi” and the message body is “Testy test”. Doesn’t this suggest to *anyone* that this is not legitimate email? And, yet, there are reports of *millions* of infected machines.

Once again, the Postfix rules:

In header_checks:

^Subject: Hi$ DISCARD Beagle virus/worm

and in mime_header_checks.regexp

/name=”?(.*).(ade|adp|asx|bas|bat|chm|cmd|com|cmp|crt|do|exe|hlp|hta|hta|inf|ins|isp|jse|lnk|mnb|mde|msc|msi|msp|mst|pcd|reg|rm|scr|pif|scr|sct|shs|url|vbe|vbs|vxd|wsc|wsf|wsh|xl)”?$/ REJECT For security reasons we reject attachments of this type

This particular worm is a combination of mail server administrator incompetence (or negligence) and people persistent refusal to use a smidgen of common sense when reading email. This is exactly the sort of worm that should have died before it ever infected the first person.