Re: [Exim] MyDoom filtering?

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Jonathan Vanasco
Data:  
Para: Exim-users
Assunto: Re: [Exim] MyDoom filtering?
Has anyone come up with a pattern to regex against the zipped
attachment?

It just seems so silly to unpack and scan hundreds of attachments that
are coming in for this virus.

I would love an ACL trick that does some flow like this:

deny if demimed attachment regexes true to prevalent virus of the week
deny if demimed / unzipped demimed attachment returns true from pipe to
virus scanning app
accept

anyone figure this out?