Majordomo-Users: Re: detecting viruses in attachments?

Majordomo-Users
(December 2000)

Indexed By Thread: [Previous] [Next]

Subject:	Re: detecting viruses in attachments?
From:	Will Bryant <will @ core-dev . co . nz>
Date:	Tue, 12 Dec 2000 19:53:52 +1300
To:	"Paul L. Schumacher" <wnpauls @ linux . winona . msus . edu>, majordomo-users @ GreatCircle . COM
In-reply-to:	<Pine.LNX.3.96.1001210120049.5435A-100000@linux.winona.msus.edu>


>Any suggestions on detecting viruses and bouncing them before they are
>resent.  Or suggestions on detecting attachment and removing them before
>they are sent will be appreciated.
put
/^content-type:.*\.(exe|com|zip|vbs|shs|hta|scr|chm)/i
/kak\.hta/
in taboo_body.  The first line catches all the trojan-type attachments, and 
the second is an example of catching things like kak - you can nab other 
such scripting attacks by choosing a similar keyword or two from the script.

_______________________________________________________________________
Will Bryant, will@core-dev.co.nz                    cell +64 21 655 443
http://www.core-dev.co.nz/    Personal: http://www.core-dev.co.nz/will/
ShareChat Ltd. technical manager            http://www.sharechat.co.nz/
[PGP 0x96A7F40A, FP 827F A2A9 C718 106D 8F80  E16E A244 D5F2 96A7 F40A]

References:

detecting viruses in attachments?
From: "Paul L. Schumacher" <wnpauls@linux.winona.msus.edu>

Indexed By Date	Previous:	Re: detecting viruses in attachments? From: Dan Liston <dliston@netscape.com>
Indexed By Date	Next:	Re: Config Not Found?? From: Dan Liston <dliston@netscape.com>
Indexed By Thread	Previous:	Re: detecting viruses in attachments? From: Todd Lyons <todd@mrball.net>
Indexed By Thread	Next:	Re: detecting viruses in attachments? From: "Khanh Tran" <khanh@slc.edu>