[Mimedefang] Re: Dealing with encrypted zip viruses
Ole Holm Nielsen
Ole.H.Nielsen at fysik.dtu.dk
Wed May 12 15:51:38 EDT 2004
Frank Doepper wrote in
http://lists.roaringpenguin.com/pipermail/mimedefang/2004-May/022220.html
a code snippet for detecting dangerous filenames in encrypted
ZIP files. I put this code in /etc/mail/mimedefang-filter
in sub filter() shortly after the call to filter_bad_filename().
Unfortunately, it appears that my Mimedefang 2.42 doesn't
work with Frank's code, or I did something wrong. The
/var/log/maillog said thus:
May 12 21:36:09 servfys mimedefang-multiplexor: started; minSlaves=2,
maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=30
0, clientTimeout=10
May 12 21:36:09 servfys mimedefang-multiplexor: Starting slave 0 (pid
18549) (1 running): Bringing slaves up to minSlaves (2)
May 12 21:36:09 servfys mimedefang[18562]: Multiplexor alive - entering
main loop
May 12 21:36:12 servfys mimedefang-multiplexor: Starting slave 1 (pid
18569) (2 running): Bringing slaves up to minSlaves (2)
May 12 21:36:13 servfys sendmail[18511]: i4CJa9Wq018511: Milter
(mimedefang): write(D) returned -1, expected 5: Broken pipe
May 12 21:36:13 servfys sendmail[18511]: i4CJa9Wq018511: Milter
(mimedefang): to error state
I assume this means that Mimedefang has failed.
Is there any way to debug the code off-line, and to check
whether any prerequisite modules are present ?
I'd really love to get Frank's code to work so that we
can open up for .zip attachments again.
Thanks a lot,
Ole H. Nielsen
Dept. of Physics, Technical University of Denmark
More information about the MIMEDefang
mailing list