I found this older message in the archives. I'm receiving a lot of fake "Invoice" messages with attached encrypted .doc files that run VB scripts and execute .exe files.
I'd like to block encrypted Word documents. Interestingly, as Reindl Harald says, ".docx files *are* zip files", but lately I've been getting .doc files which are really .docx file. KDE Dolphin isn't deceived and opens the attachment as an archive, but Word in WIN7 goes ahead and opens it as a document. If I rename the document to .docx, then Dolphin opens it in LibreOffice. So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav smart enough to look beyond the extension? Will ArchiveblockEncrypted block *ALL* encrypted archives including zip? Finally, Dino Edwards wrote: > Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf (it's off > by default) Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on in clamd.conf"? Seems like turning this "off" would NOT block encrypted files. THX --Mark -----Original Message----- > Date: Wed, 5 Apr 2017 21:19:47 +0200 > From: Reindl Harald <[email protected]> > > technically .docx *are* zip files > > Am 05.04.2017 um 21:08 schrieb Dino Edwards: > > Didn't realize the ArchiveblockEncrypted included MS Word files. I thought > > it would be for password protected zip rar and such > > > > -----Original Message----- > > From: clamav-users [mailto:[email protected]] On Behalf > > Of Benny Pedersen > > Sent: Wednesday, April 5, 2017 11:22 AM > > To: [email protected] > > Subject: Re: [clamav-users] password protected encrypted .docx files > > > > Dino Edwards skrev den 2017-04-05 16:48: > >> Any way to get clamav to block password protected Microsoft word files? > > > > Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf (it's off > > by default) > > > > if not working pastebin your clamconf (clamav section only) > > _______________________________________________ > > clamav-users mailing list > > [email protected] > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > _______________________________________________ > clamav-users mailing list > [email protected] > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
