> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Noel Jones > Sent: Friday, June 15, 2007 4:11 PM > To: Amavis-User Mail List > Subject: Re: [AMaViS-user] Someone missed a virus.. > > At 03:02 PM 6/15/2007, Bill Landry wrote: > > > > >I don't disagree. My comment was more toward the fact that > many virus > >scanners now support mime decoding and file unpacking themselves and > >thus the decoding feature of amavisd-new can be disabled (meaning no > >need to install and use unpackers within amavisd.conf, like ripole), >
I am not sure it works as expected: Jun 15 18:01:02 smtp1 amavis[35096]: (35096-07) Passed CLEAN, [204.89.241.173] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, mail_id: fnMl3GaRqFpe, Hits: -, size: 625100, queued_as: 90DAB50242F, 1371 ms I am whitelisted at that location, but should not affect banned attachments. In amavisd.conf: ['doc', \&do_ole, 'ripole'], grep ripole /var/log/maillog: Jun 15 17:44:23 smtp1 amavis[33994]: Found decoder for .doc at /usr/local/bin/ripole Send an email with an embedded 'package' (exe) in it: ripole -v -i this\ is\ a\ openvpn\ gui.doc -d /tmp Decoding filename=openvpn_2.0.1ms1.exe Email at http://www.secnap.com/downloads/withdoc.eml _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _________________________________________________________________________ ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/