[Mimedefang] not catching test viruses
Cormack, Ken
kcormack at acs.roadway.com
Tue Jan 20 13:51:52 EST 2004
Group,
It is evident that some of us have hosts that are letting some things slip
through, that shouldnt. These being highlighted by varying results we've
had with the tests used at http://www.testvirus.org/?co=
The following may be of help to those able/willing to write and contribute
MIMEDefang filters for these...
http://www.declude.com/virus/vulnerability.htm
Ken
-----Original Message-----
From: mimedefang-bounces at lists.roaringpenguin.com
[mailto:mimedefang-bounces at lists.roaringpenguin.com]On Behalf Of
Douglas, Jason
Sent: Tuesday, January 20, 2004 12:45 PM
To: mimedefang at lists.roaringpenguin.com
Subject: [Mimedefang] not catching test viruses
> In a post related to a clamav question, the URL
http://www.testvirus.org/?co= was given.
I am using the "bad windows extensions" list and clamav to virus scan.
The only tests that got through for me are the following:
# 8 Eicar virus sent using BinHex encoding within a MIME segment
#18 Outlook 'Blank Folding' Vulnerability (does not include Eicar virus,
but your mail server still must catch this)
#22 A file with a CLSID extension which may hide the real file extension
(does not include Eicar virus, but your mail server still must catch
this)
I would very much be interested in any solutions that come up as a
result of this discussion. Thanks!
Jason Douglas
Network Support Technician
http://scopicmedia.ca/
http://scopicmedia.com/jasond/
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
More information about the MIMEDefang
mailing list