I've been looking into setting up an IMAP mail server on my RedHat9 box (I want the family to be able to access all various mailboxes across any computer). I've been considering all the various options (UW vs. Courier, sendmail vs. postfix vs. qmail vs. exim, fetchmail, procmail, spamassassin, etc. etc. etc.). I hadn't decided exactly which way to go, and now I've got a new issue.

Someone who is infected by Swen is pounding me with its email, as well as attributing me as the sender of others. I would rather not have to deal with 150-200 virus-ladden notifactions of "patches" to fix my Microsoft OS!

Two questions:

1) What process to I follow to identify the origin of the infected computer(s) that is flooding me? Maybe I can contact the parties responsible and get them to fix it (yeah, I know, fat chance. But that's the best solution for all.)

2) What tools can I use to filter these at the server level? I know about filtering at the client, but I'd like to be able to get rid of these immediately, as soon as the mail is downloaded from my ISP.
- The Spamassassin web site states that it is a spam filter, not a virus filter. However, this is more like a spam attack than a virus attack. Can Spamassassin be used for my problem?
- If there is a more appropriate tool, what might it be? I know there are some Linux-based virus scanners, are they all for-pay products, or are there any free solutions?

Thanks in advance (from a frustrated newbie).

Darren Best

Anyone want to please look at this one again? It got pushed down real quickly. Thanks.

bump