ʹ��procmail��e

ʹ��procmail��e-mail�İ�ȫ��

��

��Ѿ��һ��ȫ��桱��Ϣ��վ��Ҳ��֪��ʲô��顣

�򵥵��˵��;��Ϣ��վ��ʼ��Ա�Ѿ��Щ��ڽ��յ��ʼ��һ��ȷ�İ�ȫ��룬��Ҿܾ��Щ��ΪΣ�յ��ʼ��㿴һ�»��Microsoft Outlook�ʼ��Ƶķ��ã��Ϊʲô��ô��2001��ϰ��ʹ�80��2001��8�³�CNNfnվ��һƪ��£��

��ʵ����û�з��κ��Ϣ���� û��Ҳû��Ϊ��±�ָ�أ��ע��ֻ�Ǿ��˵��ļ��⡣��ֿ��ԣ�

��һ��ļ��Ѿ�Ⱦ��һ��Microsoft�ʼ��没��㲻֪��й��ˡ��Щ��ģ��ڴ��Щ��ʶ��˽��δ��㷢��ʼ��Ϣ��ˣ��Ǵ��Щ��㡱��ǵĸ��ʱ�ͻ��Ⱦ�Լ��ˡ�

�ڶ�� ̨��ļ��Ѿ��Ⱦ��һ��Microsoft�ʼ��Ѿ��ӱ��صĵ�ַ��ѡ��һ��ʼ��ַ��Ϊ��ڡ��ַ��ˣ��ͼ��Щ��Դ��⽫��һ��ԵĴ��ͨ�棬��һ��Mac��Linux�û��յ��˵��Ǹ�ĳ�˷��һ��Microsoft Outlook�ʼ��没��

��ͨ��Microsot Outlook�ʼ��没��2003��Ҷ��У��ĿǰΪֹ��SoBig,BugBear,MiMail��Klez��һЩ�ϵ��ʼ��没��У�SirCam,BadTrans,Goner,Aliz,Magistr,Apost��NimdaҲ��Ȼ��Ƕ��ҹ��ǡ��Щ��Ӳ��Щ�г��ߣ�Ȼ��ȷ��û�б��Щ��Ⱦ��

Ϊ�˱��Լ��ֹδ��Ĺ��װ��Symantec��s Norton ��ͦ�õģ��ұ��ֲ��µġ�ͬʱ��ȷ��ķ��ɨ��ʱû��ų��κ��ļ��Ҳ��Խ��ϵ��ôȥ��Ա��ǵļ��ᱻ��Ⱦ��Ӷ��ȥ��ˡ�

��յ�һ��ʼ��ĸ��Я��һ��ϵͳ��Ӧ�ó��ĸ��£��Ƿ��ߣ��Ҫ��Щ��Ȼ��Ӧ�̽�ͨ��ʼ��Щ��͸��£��Ǿ��ͨ��ʼ��͸��³��յ�һ��ʼ��˵��һ��һ��ߵĿ��˵��һ��ʹ��߲��ĳ��򡱣��Ҫ��Щ��һ��Ҵ��ʼ��˵��һ�ַ�ʽ��Ϊ�˻��㹻��ȥ��Ӷ��Ⱦ��Լ��

��ʵ��Ϊʲô�Ҳ��ܴ��ҵĸ����ţ��С�DEFANGED��֣��ʼ��ԱΪ�˱��ܹ��ִ�е�һ��ȫ��롣��û�б��κθı䡣Ψһ��Ǹ��ֱ��ƻ��Է�ֹ��Ȼ��Ȼ��˫��

�Ǿ��Щ��没��Ĵ��ʽ��Ǹ��ṩ��ͼ�ν��ӿ��ϵ�˫��䡣��ˣ�һ��ͣ��ȥ˼��һ�£��ܻ�ע�⵽��Ϣ��һ��û�к��ɸ��㷢��һ��ļ��ȫİ��ˡ��ļ��ֱ��ƻ��һ��ԭ��Ϊ��ǿ��ͣ��˼��һ��ļ��Ƿ��˫��

�ڶ��ԭ��ǣ��ȷʵ��װһ��渽��ṩһ��ȥɨ�財��ֱ��ʼ��򿪵Ļ��ּ��Ͳ��ᷢ��ˡ�

��ԭ��Microsoft��ǻۣ��㲻��֡�Windows��ϵͳ��һ��ѡ��֪��ļ��չ��ѡ��Ĭ��ǿ��ŵġ��ưѸ��Ϊ��ڡ�THISISAWORM.TXT.EXE��,��Windows��ʾΪ��THISISAWORM.TXT��һ��Ϊ��ǰ�ȫ��Ϊ�ļ��ԡ�.TXT��β�ģ��ļ��Windows��ˣ��ԡ�.TXT��β�ģ��˵��˫��ʱ��㲻�Ǵ��д�ְ塣��ǣ��㱻��Ⱦ�ˣ��没��̿�ʼ��ˡ�

һ��Ա��Լ��Ҫ�ķ�ʽ��ǹر��ļ��ȫ�Ƶ�ѡ��򿪡��ҵĵ��ԡ��ߡ�->��ļ��ѡ���ѡ�񡰲鿴��Ȼ��ѡ��֪�ļ��͵��չ��

�ƻ��չ��ʹ�ļ��ȫ�Ƴ��֣��Ӷ��յ�һ��Ϊ��THISISAWORM.TXT.12345DEFANGED-EXE��ĸ��ʱ��Ĵ��һ��ӡ�

��ʱ�򣬺Ϸ��ĸ��ļ��ƻ��磬��THISISNOTAWORM.ETC.12345DEFANGED-DOC��һ��ȫ��ȫ��ĵ��ļ��

Ϊ��ͬһʱ�䱣��ļ��ļ��ܼ򵥣��һ��ѡ�񡰱��Ϊ..��һ��Ի��򽫻�ѵ�ǰ��ļ��ѱ��ƻ��ģ��ʾ��ѡ��Ҫ��ļ��ļ��У�Ȼ��ʾ�ļ��ĵط��༭��DEFANGED��֡��磬��类�ƻ��ĸ��ļ��Ϊ��THISISNOTAWORM.ETC.12345DEFANGED-DOC��򵥵�ɾ��12345DEFANGED-��Ա�ظ�ԭ��ļ��THISISNOTAWORM.ETC.DOC��Ȼ��Ϳ��Խ��ҵĵ��Բ��˫��Ǹ��ļ��ش��ˡ�

Ĭ�ϵģ�ɱ��ʹ��˷ǳ��ߵİ�ȫ��ã��Щ��ö��ڴ��ڵ�ISP��internet��Ӧ�̣�ʹ��е�̫�ߡ��һ��ͥ�û��.EML(ת�ĵ��ʼ�)��͡�.VCF(V-card)��ISP�ƻ��ô��ϵ��ISP��s��̨��Ǽ��һ�㰲ȫ��á�

��ʵ����ҽ��㷢��ļ��Ѿ��й��ɨ�跢��û�б��Ⱦ�� Ϊʲô��ᱻ����ɨ��Ǳ��ģ��Ӧ��Ϊ��ɨ��һ�ֹ��ϵĲ��ʱ��Ҫ��Ǹ��ҪһЩ�죬Ȼ��Ĳ��ɨ��쵽��ǰ��õ��Ĳ��¡��ζ�Ŷ��²��ױ��ܹ��ģ��˵һ��ɲ��ı��壭��ı�һ�㡣�ٶ��ܴ��Ļ�,�ǻ��̫�졣��Ҳ��ζ��б�û�б��й��ĸ��£��ܹ��쵽�²��Լ��ɲ��µı��塣��û�б��ǵĲ��µģ��ǵȳ�ʼ�趨��30��60��˲Ÿ��¡��Ӧ��ֶ��ز��ļ��Ȼ��°�װ��õ��µĲ��Ⲣ�õ��һ��30��60��ĸ��ڡ�

��һ��棬��ߣ��һ��Ԥ��ָ��İ�ȫ��ǿ�ƹ��ߡ��ʼ�ϵͳ��Ա�ȿ�һ�·��գ�Ȼ��ĳЩ��ڹ��internert��ļ��̫Σ�ն��ǽ��ʼ�ϵͳ��Ļ��е��ڿ�ִ�е��ʼ��ɢ��ʼ��Ͳ��ǲ��µĲ��壬��ʼ��ֹ�ˡ��־ܾ��ζ��κξ��ļ��Ⱦ��ζ��ļ��û�б��ա�

��ϣ��ʼ�ͨ��ʼ��ȫ��Ҫͨ��һ�ַ�ʽ��ʹ��ֱ�ӱ�ִ�С�ʹ��WinZIP,Stuffit��ѹ��ļ��ĳ��Ƿ��һ��ͺͺ��ļ��Ҫ��һ��ָ�ʽ��ļ��Ҫ��ѹ��Լ�ѹ�ġ�.EXE��ļ��빲��һЩ��ڶ��Կ��ļ��Elf Bowling XXXVII��Щ��ǿ��Դӹ�Ӧ��Щ�ļ��URL��ֱ�ӷ��ļ��ǡ��㷢��һЩ��ܺܶ��˶��Ȥ��ļ��Ķȼ��ಾ��Ӥ��Ƭ��ô��Щ�ļ��ŵ��ĸ��վ��ȥ��ISP�ṩ��һ��ķ��Ȼ��URL��ļ��

��ע�⣺

�ʼ��Ա��Լ�վ��ʼ��ȫ��롣�Ҳ��ԡ��ƻ��ĸ��ļ��ʼ�ϵͳ��Ա��¡��ܰ��ǵ��ǵİ�ȫ��ã��㱻�ƻ��ĸ��ļ��ŭ�Ļ��Ҳ��Ϊ��¡�ͬʱ��߲��һ��ڿ��ķ��Ҳ��Ϊ��ȡ��ķ��

��ͨ��jhardin@impsec.org��Ҳ��Է��ҵ��ҳ��