[Mimedefang] survey: dropping password protected file

-ray ray at ops.selu.edu
Wed Mar 3 10:55:16 EST 2004


On Wed, 3 Mar 2004, Michal Jankowski wrote:

> This is close to what I'm doing - rejecting encrypted .exe files etc.
> Also, running File::Scan on archive members. See my previous mail on
> this subject:
> 
> http://lists.roaringpenguin.com/pipermail/mimedefang/2004-March/020560.html

I implemented this code (thanks!) but it seems File::Scan is not catching
some variants of Beagle/Bagle that Clamd is catching.  I wrote some code
to use clamd, basically replicating entity_contains_virus_clamd (called
zip_contains_virus_clamd) making changes as needed.

This added a good bit of code to mimedefang-filter.  Is there a better way 
to do this, can you just use message_ or entity_ functions?  If anyone 
wants the code, i can send it to the list.  I just can't get VirusName 
to work for some reason.

ray
-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ray DeJean  				       	 http://www.r-a-y.org
Systems Engineer                    Southeastern Louisiana University
IBM Certified Specialist  	      AIX Administration, AIX Support
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=




More information about the MIMEDefang mailing list