Re: [AMaViS-user] Someone missed a virus..
This is a discussion on Re: [AMaViS-user] Someone missed a virus.. within the Amavis User forums, part of the Anti-Spam and Anti-Virus Related Forums category; > -----Original Message----- > From: amavis-user-bounces@lists.sourceforge.net > [mailto:amavis-user-bounces@lists.sourceforge.net] On ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-15-2007
|
|||
|
|||
Re: [AMaViS-user] Someone missed a virus..
> -----Original Message----- > From: amavis-user-bounces@lists.sourceforge.net > [mailto:amavis-user-bounces@lists.sourceforge.net] On Behalf > Of Noel Jones > Sent: Friday, June 15, 2007 4:11 PM > To: Amavis-User Mail List > Subject: Re: [AMaViS-user] Someone missed a virus.. > > At 03:02 PM 6/15/2007, Bill Landry wrote: > > > > >I don't disagree. My comment was more toward the fact that > many virus > >scanners now support mime decoding and file unpacking themselves and > >thus the decoding feature of amavisd-new can be disabled (meaning no > >need to install and use unpackers within amavisd.conf, like ripole), > I am not sure it works as expected: Jun 15 18:01:02 smtp1 amavis[35096]: (35096-07) Passed CLEAN, [204.89.241.173] <scheidell@secnap.net> -> <jlappie@454.com>, Message-ID: <B3BCAF4246A8A84983A80DAB50FE724295C8B4@secnap2.se cnap.com>, mail_id: fnMl3GaRqFpe, Hits: -, size: 625100, queued_as: 90DAB50242F, 1371 ms I am whitelisted at that location, but should not affect banned attachments. In amavisd.conf: ['doc', \&do_ole, 'ripole'], grep ripole /var/log/maillog: Jun 15 17:44:23 smtp1 amavis[33994]: Found decoder for .doc at /usr/local/bin/ripole Send an email with an embedded 'package' (exe) in it: ripole -v -i this\ is\ a\ openvpn\ gui.doc -d /tmp Decoding filename=openvpn_2.0.1ms1.exe Email at http://www.secnap.com/downloads/withdoc.eml __________________________________________________ _______________________ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com __________________________________________________ _______________________ ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/...fo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ 
|
Linear Mode
