> it, but I was wondering what test could check for
> UEsFBg== in a mime part
Ah. Tricky. That has the disadvantage of being a non-text mime part, so SA
tends to throw them in the trash. Nothing will find it on 2.6x, other than
perhaps a modification of the MICROSOFT_EXE
From: "Ben Wylie" <[EMAIL PROTECTED]>
> > Get Tim Jackson's bogus virus bounce ruleset.
>
> I've just added that ruleset but it didn't help as far as I can see.
> I have two custom rules which hit the text in the email, and spf also
caught
> it, but I was wondering what test could check for
> UEsF
> Get Tim Jackson's bogus virus bounce ruleset.
I've just added that ruleset but it didn't help as far as I can see.
I have two custom rules which hit the text in the email, and spf also caught
it, but I was wondering what test could check for
UEsFBg== in a mime part
Here
Get Tim Jackson's bogus virus bounce ruleset.
Loren
I get quite a lot of empty zip files, I presume from viruses having failed
to place themselves in them.
They always look like:
UEsFBg==
in base64.
Do others get these emails?
Could someone advice me as to what kind of rule I could write to block
these?
I presume a body r
