>There is much interest here in the idea of blocking email carrying
>ExploreZip so we don't have to rely on end-user intelligence(?!) to
>prevent an infestation. I realise that sticking filters into the pipe
>like this is not necessarily as good idea but nonetheless ...
I have my mailserver set up using McAfee's Unix uvscan program on a Linux
x86 server. Each user has a .qmail file that contains something like (this
is mine):
| condredirect [EMAIL PROTECTED] virscan
| deliver landen
Virscan is a homebrew Perl script that extracts Mime attachments, unpacks
archives & uses uvscan on the resulting files. If uvscan finds anything the
mail is redirected to the quarantine mailbox. It seems to be working pretty
well (catches about a dozen viruses a day, mostly Ethan.A) even though there
are some omissions. We use the Cyrus IMAPD server so messages are delivered
to the user's mailbox with 'deliver'. The McAfee DAT files are automatically
updated from their ftp server, so it basically runs itself (well almost).
Regards,
Peter van der Landen
Erasmus University Rotterdam
