One of the problems currently plaguing the Internet is that of viruses. A side effect of this is that a huge anti-virus industry has sprung up, offering products which defend against malicious software. Since many viruses are these days transmitted by e-mail, a lot of anti-virus software operates on e-mail systems. Unfortunately, a lot of it has historically been written pretty badly and (amongst other things) a major problem used to be sending ‘virus warnings’ to the purported senders of virus-infected e-mail. Unfortunately, however, almost all recent e-mail viruses fake the sender address (often picking a random one from files found on the virus victim’s computer), meaning that such ‘virus warnings’ end up adding to the problem rather than helping, since they end up going to innocent, unrelated third parties.

To help counteract this problem, back in 2000/2001 I produced a set of SpamAssassin rules which catch a large amount of these bogus ‘virus warnings’. For several years this ruleset was used on at least hundreds if not thousands (or more) systems around the world (at least, looking at the logs of systems connecting to my site each day to check for updates).

Since the release of SpamAssassin 3.2, you don’t really need these rules as they were mostly incorporated by Justin Mason into the new ruleset – thanks Justin! Also, the problem has reduced to some extent over the years.

If you’re still interested in the ruleset, it’s here:

NOTE: I don’t anticipate making further changes to this ruleset so please don’t auto-update it any more.

Related links