|
Hello again.
My Clamav-milter is working now with Sendmail for 2
days.
All goes Ok except for some strange behaviour
concerning to Exploit.IFrame.Gen.
One our user has subscription to mail list from SUBSCRIBE.RU site.
And the digest from there filtered and not delevered to him
with the words:
A message you sent to
<[EMAIL PROTECTED]> contained a virus and has not been delivered. stream: Exploit.IFrame.Gen FOUND We looked at code in this digest and do not find
any problem.
There are few blocks of HTML code like
<iframe src= "">
and then ></iframe>
When I deleted one of these blocks and tried to
resend
- all go ok.
There is nothing bad in this code according to my
point of view, only the HTML link inside.
On the other hand two other blocks with the same
structure
do not cause such behaviour of clamav.
Kaspersky AVP doesn't recognize any problem in
these digests fron SUBSCRIBE.RU
I'm sure clamav-milter understand what it
does.
But I tried to look for any description
of Exploit.IFrame.Gen virus and couldn't
find.
Can You please help me.
Where can I find the description of this virus: Exploit.IFrame.Gen
to show this description to our user.
Thank you in
advance.
M.
Khaletsky
|
- RE: [Clamav-users] Exploit.IFrame.Gen - description ? Michael V. Khaletsky
- RE: [Clamav-users] Exploit.IFrame.Gen - descript... Diego d'Ambra
