On 11/09/2011 10:42 PM, Simon Hobson wrote: > Per Jessen wrote: > >> The OP started by saying "there are ways to limit the level of archive >> that will be scanned as well as the size of the entities to be >> scanned", which are performance optimizing options one can use if >> desired. To which I commented that it's not about a message that can't >> be scanned, but whether your limits allow it to be scanned. Remove the >> limits, and everything is scanned (presumbly only limited by hardware >> resources). > > Well of course there have to be limits somewhere, and I recall one issue is > malevalent attachments designed specifically to crash extractors. > A second issue I recall from the past is the sending of password protected > archives - the scanner is unable to check it, but of course a user taken in > by the message may well open it. So that's a > separate consideration - whether to allow password protected archives or to > reject them.
There is BlockEncrypted for that purpose. Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
