[Exim] exiscan and pif in zip

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Rory Campbell-Lange
Dátum:  
Címzett: exim-users
Tárgy: [Exim] exiscan and pif in zip
exim4-heavy on Debian testing
Contains exiscan-acl patch revision 14 (c)

I'm concerned that we are getting a number of pif and scr files within
zip file archives. We allow zip files through exiscan.

I've looked at the file inside the zip file (often called something like
document.txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ .pif) and scanned it with
clamscan, which doesn't report it as having a virus payload. Is it not
one of the new activex worms?

Any advice or pointers to past threads much appreciated.

Kind regards,
Rory

--
Rory Campbell-Lange
<rory@???>
<www.campbell-lange.net>