[Mimedefang] ClamAV's Worm/Trojan/Joke/W97M classifications
Matthew.van.Eerde at hbinc.com
Matthew.van.Eerde at hbinc.com
Thu Jun 30 14:22:57 EDT 2005
mimedefang-bounces at lists.roaringpenguin.com wrote:
> On Thu, 2005-06-30 at 12:26, Matthew.van.Eerde at hbinc.com wrote:
>
>> 2. Imagine a USPS mail counter. Someone walks up to the counter
>> with a 5lb package that has wires sticking out of it, smells of
>> gasoline, and is ticking. The package has plenty of postage and the
>> return address is the White House. (This USPS mail counter is not
>> in the same ZIP code as the White House.)
>>
>> What is the mail clerk to do?
>
> To put this in MimeDefang terms, assume this started as a
> normal-looking package which has already been accepted and is now
> being put through a security scan near it's destination when the
> real nature is revealed. What do you tell the delivery agent who
> will only respond to your command?
1. Blow the package up.
2. Send the White House a form letter saying:
Subject: PACKAGE|EMAIL YOU SENT WAS DESTROYED
Due to USPS|domain.name policy, we were forced to destroy a package|email because it contained a bomb|virus (virus name)
It was labeled as follows:
From: <from address>
To: <to address>
Date: <date>
Subject: <subject>
3. See what you can do to catch these things earlier (add a better virus-scanner on the gateway)
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"
More information about the MIMEDefang
mailing list