How about only trying every word in the mail-body as a key to try, instead of brute-forcing? The virus(-writer) cannot afford to fudge the password in the mail-body: One would hope that the subset of users that is clever enough to reconstruct the password, yet stupid enough to use that to open it, is small enough to make the virus unviable.
Good point. That should take less than a second. My 700 MHz machine can try every word in an unabridged English dictionary in about 15 seconds.
Though there could be HTML bodies with the pass<!-- obscured -->word.
-- Chris
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
