Anybody know why this rule: (in 7.04 imail)
B~Name=.{1,10}\.xxx\s
wouldn't catch the following filename in a message:
Name=BADVIRUS.xxx
The rule of {1,10}, in my interpretation is supposed to allow for any number
of characters between 1 and 10, but it seems to be ignoring the 1, and
only
Trouble is, I am not using Declude (though maybe I should be.) I have the
new integrated Symantec Anti-Virus addon. And it is NOT CATCHING ALL THE
VIRUSES! Our IMail rules have bailed us out SEVERAL times, when Symcscan
let the virus pass. (this is happening mostly with the BadTrans virus).
Anyone have a good rule to filter for .com attachments? Obviously, a
.com file is an executable which could do damage. But when you use that
extension in the typical rule, (B~name=.*\.vb!s\s|name=.*\.com\s)...etc.
you get MANY false positives.
We are using the suggested rule to catch .vbs .scr
