[Mimedefang] statement of fees virus
Andrew Watkins
andrew at dcs.bbk.ac.uk
Thu Sep 4 10:57:27 EDT 2008
> --On Thursday, September 4, 2008 12:16 +0200 Marco Berizzi
> <pupilla at hotmail.com> wrote:
>
>> Hi folks,
>>
>> is there a reliable way to block this virus
>> with md? Clamav is not catching it :-((
>
>
> Refuse executable file attachments, including those inside zip files.
> Fees-2008_2009.zip contains Fees-2008_2009.doc.exe ... that's all we
> need to know to reject it here.
Yes! This is the only solution. Block all .exe in zip files.
Don't blame ClamAV, since you will find no virus software is blocking
them since the virus signature is being altered so you find out that
ClamAV may not catch it now, but it will tomorrow. At the moment is a
bit of a cat and mouse game......
Hopefully people will get bored soon and stop sending these zip files...
Andrew
More information about the MIMEDefang
mailing list