On Wed, 29 Jun 2011 13:12:30 +0300
Török Edwin articulated:
> On 2011-06-29 13:04, polloxx wrote:
> > On Wed, Jun 29, 2011 at 11:45 AM, Henrik K <h...@hege.li> wrote:
> >> On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby
> >> wrote:
> >>>> On Wed, 29 Jun 2011 11:24:24 +0200
> >>>> polloxx <poll...@gmail.com> wrote:
> >>>
> >>>> Are there other user with the same problem? Any solution?
> >>>
> >>> I have the same problem.
> >>> I manage a mail server used by a vendor of DHL.
> >>>
> >>> Pretty annoying as far as all emails from DHL are sensible and
> >>> important for the suers :-)
> >>>
> >>> Unfortunately, I have found no solution... yet.
> >>
> >> So your users receive lot of legimate exes?
> >>
> >
> > It was a zip file.
>
> If you don't want to allow executables and archived executables to be
> sent via e-mail then add these signatures to your dbdir:
>
> $ cat >policy.ndb <<EOF
> Policy.NoExecutables:1:*:4d5a{60-300}50450000
> EOF
>
> $ cat >policy.cdb <<EOF
> Policy.Container.NoExecutables:*:*:.+[.]([Ee][Xx][Ee]|[dD][lL][lL]|[Bb][Aa][Tt]|[Cc][Oo][Mm]|[Ll][Nn][Kk]|[Cc][Mm][Dd]|[Jj][Ss]|[Vv][Bb][Ss]):*:*:*:*:*:*
> EOF
Seriously! Why not have the user shut down his mail system entirely.
That would pretty much ensure that no Virus or Malware is delivered via
SMTP.
Your suggest is only feasible if the user never wants to receive any
executable or archived file formats. Assuming that they do, a better
solution has to be implemented.
--
Jerry ✌
clamav.u...@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________
No matter how cynical you get, it's impossible to keep up.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
