I came across testvirus.org yesterday (a simple way to email yourself various ways of encoding EICAR) and was fairly happy with the result.
I'm using sophos and it didn't catch the binhex encoded virus.
I'm also interested in solving the 'space gap' with MD, if possible
Of the 17 tests, 3 failed with MD+CLAMAV+F-PROT. Neither CLAMAV nor F-PROT detected the BinHex encoded copies of EICAR, though the scanners further down the line did. Fairly impressively MD did catch the "Outlook CR vulnerability", but nothing (not MD, not any of the later scanners) caught the "Outlook space gap vulnerability" test. Fortunately at that point Outlook blocked the attachment :)
I'm already discussing the BinHex problem on the CLAMAV list, but was wondering if anybody knew of a way to solve the "space gap" problem with MimeDefang.
TIA
-- Rob MacGregor (BOFH) [PGP key ID 0x1E51BF5A] If I cannot bend Heaven, I shall move Hell. -- Publius Vergilius Maro (Virgil). _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
---------------------------------------
Computers are machines to help you solve problems you wouldn't have if you didn't have a computer.
---------------------------------------
Ing. Andrea Gabellini
Email: [EMAIL PROTECTED]
Tel: 0549 886111 (Italy)
Tel. +378 0549 886111 (International)
Intelcom San Marino S.p.A. Strada degli Angariari, 3 47891 Rovereta Repubblic of San Marino
http://www.omniway.sm http://www.intelcom.sm
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
