>Good job! ...
Blush, blush, thanks Scott.
>uploading a file named "C:\Winnt\windows.exe" or "lpt1:". Rather than
>search for all known security holes, Declude simply uses a number and the
>extension given in the E-mail (IE 1.com). So, if a virus is found, the
>report.txt file will show "1.com" as the file name, which is meaningless to
>the recipient. When Declude sees the file name as 1.com, it has to
>cross-reference with the file name that was listed in the E-mail, so you
>see "eicar.com" instead of "1.com".
I suspected this was your method but wasn't sure until you explained it,
above.
Your program decodes attachment sections and gives the scanner temporary
file names ... trade secrets out of the box eh? ... nice controllable way
to do it though. Now if only your cross-reference array routines
are polished I believe you'll have it. Keep up the good work.
AND, thanks for incrementing version number on the Declude.exe downloadable
files .... multiple versions of the same file was getting tedious.
Perhaps adding another variable (%VERSION%) could be useful as well.
I keep ALL the postmaster e-mails Declude is generating and it is there
all the variables are expanded ... version number would be nice to track.
I know, I could hard-code the version into the EML file but what the heck?
[ This E-mail came from the Declude.Virus mailing list. To ]
[ unsubscribe, just send an E-mail to [EMAIL PROTECTED], and ]
[ type "unsubscribe Declude.Virus yourname". You can E-mail ]
[ [EMAIL PROTECTED] for assistance. You can visit our web ]
[ site at http://www.declude.com . ]
