Hi, Barracuda recently announced they've identified a vulnerability in the Spreadsheet::Excel library used by amavis in their appliances. I didn't realize they were still using amavis and open source (and presumably spamassassin?). https://www.barracuda.com/company/legal/esg-vulnerability
I don't have this library on my system - is there a plugin that enables parsing of Excel spreadsheets for malicious code? I realize there is the ExtractText plugin, and although it doesn't actually work to identify any potentially malicious code within an Excel file, it does look to be much more comprehensive and capable. https://www.techtarget.com/searchsecurity/news/366564654/Another-Barracuda-ESG-zero-day-flaw-exploited-in-the-wild
