On Monday 08 March 2004 8:36 pm, Jim Maul wrote:
> > Quoting John Jolet <[EMAIL PROTECTED]>:
> > > This brings up an interesting point. I've never seen a legitimate file
> > > on a windows box with two or more 3-character extensions. Would it be a
> > > bad assumption to make?
> >
> > Yes. Beca
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Eric
> Rostetter
> Sent: Monday, March 08, 2004 2:32 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] Re: Simple patch for dealing with password
> zipfiles
>
>
ivs-milter (http://freshmeat.net/projects/ivsmilter/) has had this
feature since design date.
On Mon, Mar 08, 2004 at 11:03:55AM -0500, Brett Simpson wrote:
> >>> [EMAIL PROTECTED] 3/4/2004 5:35:34 PM >>>
> > Nope, that won't work. Besides blocking purely based on name we also run
> > 'file' on
>>> [EMAIL PROTECTED] 3/4/2004 5:35:34 PM >>>
> Nope, that won't work. Besides blocking purely based on name we also run
> 'file' on the attachments and block based on the type of file returned by
> 'file'. So, a windows executable renamed from foo.exe to foo.txt will
> still be caught as a banned
