As of 21:05 CEST, new antivirus patterns are available to detect the w32.nimda.a@mm worm. Please run a System and Pattern Up2Date to include protection against this worm in the ASL SMTP proxy.
Since the worm is also able to spread via HTTP requests sent by IE 5.0 / 5.01 browers, we recommed to disable Javascript either in the HTTP proxy settings or in the web browsers used in your organisation. Alternatively, you can also put these lines in the ACL section of /var/chroot-squid/etc/squid.conf-default:
code:
# .filter eml-files
acl worm urlpath_regex -i .eml$
http_access deny worm
and then stop and restart the HTTP proxy in WebAdmin.
Leave a Reply