[Mimedefang] statement of fees virus

Andrew Watkins andrew at dcs.bbk.ac.uk
Thu Sep 4 10:57:27 EDT 2008

> --On Thursday, September 4, 2008 12:16 +0200 Marco Berizzi 
> <pupilla at hotmail.com> wrote:
>> Hi folks,
>> is there a reliable way to block this virus
>> with md? Clamav is not catching it :-((
> Refuse executable file attachments, including those inside zip files.
> Fees-2008_2009.zip contains Fees-2008_2009.doc.exe ... that's all we
> need to know to reject it here.

Yes! This is the only solution. Block all .exe in zip files.
Don't blame ClamAV, since you will find no virus software is blocking 
them since the virus signature is being altered so you find out that 
ClamAV may not catch it now, but it will tomorrow. At the moment is a 
bit of a cat and mouse game......

Hopefully people will get bored soon and stop sending these zip files...


More information about the MIMEDefang mailing list