Hi all, Nowadays, i find myself in trouble while protecting mail servers from office related malicious email attachments.
ClamAV, even with unofficial signatures like sanesecurity, malwarepatrol etc. can't filter correctly these kind of office attachments. Rejecting all of them with postfix is not a option for me. I tried some spamassasian rules to give them high score but not worked as expected. I would appreciate it if you share your experiences. MTA:Postfix Filtering: ClamAV (with clamsmtp & all unofficial signatures) + SpamAssassin MDA=Dovecot (LMTP) + Sieve Hasan.
