Hello,

I’ve been using clamdscan with qmail-scanner for quite some time now.  Recently we noticed that a couple of attachments named xxx.gif.pif were allowed through the scanning system. By doing some testing, we were able to determine this was because the attachment was binhex encoded.

Here’s an example email with the *.pif which it didn’t catch.

clamscan / ClamAV version 0.74
Known viruses: 22220

bash-2.05a$ clamdscan 1088626977.9122.webmail,S\=20149\:2,
/home/vpopmail/domains/sudjam.com/jeff/Maildir/cur/1088626977.9122.webmail,S=20149:2,: OK

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.008 sec (0 m 0 s)
bash-2.05a$

http://pobox.thezit.com/~jmasud/virusexample/1088626977.9122.webmail.txt

I know clamav will catch it if I upload just the attachment to the scanner test site, or if I email it back to myself using base64 encoding it gets caught.  I’ve searched the archives for binhex and found nothing that would help. Besides, from the docs and change log it appears binhex has been implemented; I'm just not sure why it’s not working for me.

Can someone suggest what I should or could do to resolve this?

Thanks

Jeff
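
Added example, not part of the original post and not ClamAV or qmail-scanner code: a gateway-side check that decodes only the BinHex 4.0 header of each message part and reports the embedded file name, so an extension policy still applies when the scanner does not unpack the encoding. The `RISKY` list, the function names and the sample message (header bytes only, no file content) are assumptions constructed for illustration.

```python
import email

# BinHex 4.0 alphabet: a character's position is its 6-bit value.
HQX = "!\"#$%&'()*+,-012345689@ABCDEFGHIJKLMNPQRSTUVXYZ[`abcdefhijklmpqr"
MARKER = "(This file must be converted with BinHex"
RISKY = (".pif", ".scr", ".exe", ".com", ".bat")  # assumed site policy

def hqx_header(text, limit=80):
    """Decode the first bytes of the BinHex stream that follows MARKER."""
    start = text.index(":", text.index(MARKER)) + 1
    raw, bits, nbits = bytearray(), 0, 0
    for ch in text[start:]:
        if ch == ":" or len(raw) >= limit:
            break
        if ch not in HQX:        # line breaks and other non-alphabet characters
            continue
        bits, nbits = ((bits << 6) | HQX.index(ch)) & 0xFFFF, nbits + 6
        if nbits >= 8:
            nbits -= 8
            raw.append((bits >> nbits) & 0xFF)
    out, i = bytearray(), 0
    while i < len(raw):          # undo run-length coding
        byte, i = raw[i], i + 1
        if byte == 0x90 and i < len(raw):
            count, i = raw[i], i + 1   # 0 = literal 0x90, else total repeat count
            out += b"\x90" if count == 0 else out[-1:] * (count - 1)
        else:
            out.append(byte)
    return bytes(out)

def binhex_names(raw_message):
    """File names embedded in BinHex parts, whatever the MIME headers claim."""
    names = []
    for part in email.message_from_string(raw_message).walk():
        if part.is_multipart():
            continue
        body = part.get_payload(decode=True).decode("latin-1")
        if MARKER in body:
            hdr = hqx_header(body)   # byte 0 is the name length, then the name
            names.append(hdr[1:1 + hdr[0]].decode("latin-1") if hdr else "")
    return names

def flagged(raw_message):
    return [n for n in binhex_names(raw_message) if n.lower().endswith(RISKY)]

# Constructed sample: the MIME name looks harmless, the BinHex header does not.
SAMPLE = ('Content-Type: application/mac-binhex40; name="picture.hqx"\n\n'
          "(This file must be converted with BinHex 4.0)\n"
          ":#hL3!bjRD@BZF'PQ!!!!:\n")
```

The sample stream uses a run-length code for the repeated `x`, so the name only appears after both decoding steps.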

 

 
