[Mimedefang] survey: dropping password protected file
-ray
ray at ops.selu.edu
Wed Mar 3 10:55:16 EST 2004
On Wed, 3 Mar 2004, Michal Jankowski wrote:
> This is close to what I'm doing - rejecting encrypted .exe files etc.
> Also, running File::Scan on archive members. See my previous mail on
> this subject:
>
> http://lists.roaringpenguin.com/pipermail/mimedefang/2004-March/020560.html
I implemented this code (thanks!) but it seems File::Scan is not catching
some variants of Beagle/Bagle that Clamd is catching. I wrote some code
to use clamd, basically replicating entity_contains_virus_clamd (called
zip_contains_virus_clamd) making changes as needed.
This added a good bit of code to mimedefang-filter. Is there a better way
to do this, can you just use message_ or entity_ functions? If anyone
wants the code, i can send it to the list. I just can't get VirusName
to work for some reason.
ray
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ray DeJean http://www.r-a-y.org
Systems Engineer Southeastern Louisiana University
IBM Certified Specialist AIX Administration, AIX Support
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
More information about the MIMEDefang
mailing list