[Mimedefang] Nested Attachments
Jon R. Kibler
Jon.Kibler at aset.com
Fri Mar 5 09:59:09 EST 2004
Hi all,
Using MD 2.39.
As some recent worms have been nearly making it through our AV scanners, we added ZIP files to the bad filenames list and quarantine such files for manual examination. However, with the latest worms, we have seen several instances where the ZIP (or PIF) files were nested attachments.
If my tests are accurate, MD will not recognize as a bad filename an attachment within an attachment. If this is indeed the case, it blows away our last line of defense for stuff missed by AV scans.
Two questions:
1) Does 2.39 recognize dangerous attachments within attachments?
2) If not, is this one of the fixes on 2.40?
Thanks!
Jon K.
--
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC USA
(843) 849-8214
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
More information about the MIMEDefang
mailing list