[Rspamd-Users] Virus replies automatically

Stefan Bauer cubewerk at gmail.com
Wed Jun 3 20:18:05 UTC 2020

our defense rule ishere :what we can not scan, we reject.

That works for us. just make sure the senders knows, that email was
rejected, why, and how they should exchange documents of this kind, the
right way.


Am Freitag, 29. Mai 2020 schrieb Rob Gunther <redrob at gmail.com>:

> I know this is not a new technique, but something we are seeing in the last
> couple days.
> There is a virus out there that is somehow accessing a user's email.  It
> sends replies back to the sender with a password protected .zip file and a
> password.
> Essentially, two people are having a conversation and the virus jumps in
> and sends a message on its own.
> The recipient has a high probability of opening the message because they
> know the sender and are actually having a conversation.
> I tested the virus with VirusTotal (sending them the .zip file) and of
> course not a single AV scanner can scan the file because it is encrypted.
> Smart virus, dumb users.  Who do you think is going to win here?
> Anyone have a suggestion how to go about stopping this virus?
> --
> Users mailing list
> Users at lists.rspamd.com
> https://lists.rspamd.com/mailman/listinfo/users

More information about the Users mailing list