[Declude.Virus] Beagle@mm!zip got past declude fprot

2004-03-22 Thread Donn Bly
I'm running Declude 1.78i27
I'm running FProt 3.14e

I just had a customer send me an email that they received that was questionable, and 
Norton on my desktop caught it as [EMAIL PROTECTED] -- which has been out for a couple 
of weeks.  

Since this is an encrypted EXE inside of a zip file, it doesn't surprise me that FProt 
didn't catch it (actually, according to the log it gave an errorlevel 8), but I 
thought I had it banned by declude.

I have the following in my virus.cfg.

BANEXT  ocx
BANEXT  scr
BANEXT  bat
BANEXT  vbs
BANEXT  dll
BANEXT  pif
BANEXT  wsh
BANEXT  cmd
BANEXT  nws
BANEXT  exe

BANZIPEXTS OFF
BANEZIPEXTS ON

The idea was that I will let anything go through in a standard zip, but not as a 
stand-alone file or encrypted in an archive.

Where did I screw up?
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.Virus.    The archives can be found
at http://www.mail-archive.com.


Re: [Declude.Virus] Beagle@mm!zip got past declude fprot

2004-03-22 Thread R. Scott Perry

> I'm running Declude 1.78i27
> I'm running FProt 3.14e
> I just had a customer send me an email that they received that was 
> questionable, and Norton on my desktop caught it as [EMAIL PROTECTED] -- which 
> has been out for a couple of weeks.
>
> Since this is an encrypted EXE inside of a zip file, it doesn't surprise me 
> that FProt didn't catch it (actually, according to the log it gave an 
> errorlevel 8), but I thought I had it banned by declude.

The problem is:

> BANEXT  exe
>
> BANZIPEXTS OFF
> BANEZIPEXTS ON
> The idea was that I will let anything go through in a standard zip, but 
> not as a stand-alone file or encrypted in an archive.

These lines will ban .exe files within encrypted .ZIP files, but only if 
you are using Declude Virus Pro (the Standard and Lite versions do not 
support the banning of file extensions within .ZIP files).

If you add a line BANEXT EZIP to the \IMail\Declude\virus.cfg file (with 
the latest interim, which you are running), then all encrypted .ZIP Files 
will get caught.

   -Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers 
since 2000.
Declude Virus: Ultra reliable virus detection and the leader in mailserver 
vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.

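
The policy discussed in this thread (let ordinary zips through, hold an encrypted zip that carries a banned extension) can be checked without a password, because with traditional ZIP encryption the member names and the per-entry encryption flag stay readable in the archive headers. The sketch below is an added example, not Declude's code and not part of the original posts; the function names, the shortened extension list, the sample archives and the "hold unreadable archives" choice are assumptions of this example.

```python
import io
import struct
import zipfile

BANNED_EXTS = {"exe", "scr", "pif", "bat", "cmd", "vbs"}  # subset of the BANEXT list above
ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose flag word

def ext_of(name):
    """Lower-cased extension of an archive member name, without the dot."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    return base.rsplit(".", 1)[-1].lower() if "." in base else ""

def classify_zip(data, banned=BANNED_EXTS):
    """Return (encrypted, banned_members) for a ZIP attachment given as bytes.

    Only the central directory is read, so no member data is decrypted.
    """
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    encrypted = any(i.flag_bits & ENCRYPTED_FLAG for i in infos)
    hits = sorted(i.filename for i in infos if ext_of(i.filename) in banned)
    return encrypted, hits

def verdict(data):
    """Plain zips pass; encrypted zips with a banned member are held."""
    try:
        encrypted, hits = classify_zip(data)
    except zipfile.BadZipFile:
        return "hold: unreadable archive"  # assumption: fail closed on parse errors
    if encrypted and hits:
        return "hold: encrypted zip contains " + ", ".join(hits)
    return "pass"

def make_sample(name, mark_encrypted):
    """Constructed sample: one-member zip, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, b"constructed placeholder bytes")
    raw = bytearray(buf.getvalue())
    if mark_encrypted:
        # Set bit 0 in the local header (flags at +6) and central header (+8).
        for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            pos = raw.find(sig) + off
            flags = struct.unpack_from("<H", raw, pos)[0] | ENCRYPTED_FLAG
            struct.pack_into("<H", raw, pos, flags)
    return bytes(raw)
```
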