[Mimedefang] Zip --> Zip --> PIF

David F. Skoll dfs at roaringpenguin.com
Fri Feb 18 21:38:06 EST 2005


On Fri, 18 Feb 2005, David Eisner wrote:

> The problem is that in general there is a delay between the time a virus
> outbreak occurs, and the time that virus scanners have updated DATs that
> detect it.  That's one of the great things about Mimedefang -- it
> removes the potentially harmful attachment during this window.

MIMEDefang won't recursively scan a zip file.

To scan the "table of contents" of a zip file is relatively safe, and
if you have Archive::Zip, you can use re_match_in_zip_directory to detect
"dangerous" files in a zip.

However, to actually decompress a zip file is not safe (decompression
bombs can hurt), so we don't do that.

Regards,

David.
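
The directory-only check described above, as an added example that is not part of the original post and is not MIMEDefang's own code. It uses Archive::Zip directly; the extension list, helper names and verdict labels are assumptions. The sample files are constructed to mirror the subject line (zip inside zip inside PIF), showing that the outer directory reveals only the inner archive's name, so a nested archive has to be a policy decision in its own right.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Archive::Zip qw(:ERROR_CODES);
use File::Temp qw(tempfile);

my $BAD_EXT = qr/\.(?:pif|scr|exe|com|bat|cmd|vbs)$/i;    # assumed policy list
my $ARCHIVE = qr/\.zip$/i;

# Read only the zip directory (member names); no member is ever inflated.
# Returns a (hypothetical) verdict label plus the name that triggered it.
sub scan_zip_directory {
    my ($path) = @_;
    Archive::Zip::setErrorHandler(sub { });    # keep malformed input quiet
    my $zip = Archive::Zip->new();
    return ('unreadable', $path) unless $zip->read($path) == AZ_OK;
    my @nested;
    for my $member ($zip->members()) {
        my $name = $member->fileName();
        return ('bad-name', $name) if $name =~ $BAD_EXT;
        push @nested, $name if $name =~ $ARCHIVE;
    }
    # The directory proves an inner archive exists, not what it contains.
    return @nested ? ('nested-archive', join(', ', @nested)) : ('ok', '');
}

# Write a one-member zip to a temp file and return its path.
sub build_zip {
    my ($member_name, $content) = @_;
    my ($fh, $path) = tempfile(SUFFIX => '.zip', UNLINK => 1);
    close $fh;
    my $zip = Archive::Zip->new();
    $zip->addString($content, $member_name);
    $zip->writeToFileNamed($path) == AZ_OK or die "cannot write $path\n";
    return $path;
}

# Constructed sample: outer.zip -> inner.zip -> invoice.pif (harmless text).
my $inner = build_zip('invoice.pif', "harmless placeholder\n");
open my $in, '<:raw', $inner or die "cannot read $inner: $!\n";
my $inner_bytes = do { local $/; <$in> };
close $in;
my $outer = build_zip('inner.zip', $inner_bytes);
my $plain = build_zip('notes.txt', "hello\n");

for my $case ([inner => $inner], [outer => $outer], [plain => $plain]) {
    my ($label, $path) = @$case;
    printf "%-5s => %s\n", $label, join(' ', scan_zip_directory($path));
}
```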


