Linux and Win32 virus compatibility was: Re: [plug] stripping potentially nasty attachments

Chris Caston caston at arach.net.au
Fri Mar 26 23:18:53 WST 2004


The scary thing is what I get an infected .exe file in my e-mail and
evolution gives an option "Run this program in WINE"

eeeek!!!!!!!

On Fri, 2004-03-26 at 23:12, Ben Jensz wrote:
> The setup I've got on my work's mail server is with Postfix + 
> amavisd-new + Spamassassin + A/V.
> 
> In amavis, it has a set of banned file types and it'll look within zip 
> files to see what type of files are in them.  I've got my work's mail 
> server to reject banned file types (exe pif etc.).  So even if the A/V 
> hasn't got defs to pick up some new virus, it'll zap any windows related 
> nasty executables of any type before they get any further anyway.
> 
> 
> / Ben
> 
> 
> Craig Ringer wrote:
> 
> >Hi folks
> >
> >I'm currently using MimeDefang to strip suspect or potentially risky
> >attachments (.pif, .exe, .scr, .vbs, etc etc etc) from email before it
> >hits the virus scanner. I'm interested in finding a way to extend that
> >so that MimeDefang can quarantine messages that have zipped attachments
> >if the zip file contains suspect filenames. I'd like to kill as many
> >possibly dodgy files as possible without needing the virus scanner,
> >given the rapidly "mutating" viri we're getting these days.
> >
> >A quick google search turned up nothing, nor did a look at the
> >MimeDefang docs (what of them exists). I didn't find a simple method of
> >doing this. So ... is anyone on PLUG currently doing something like
> >this, and if so - any pointers/tips?
> >
> >Suggestions appreciated. I'll follow up here if I find a solution later.
> >
> >Craig Ringer
> >
> >  
> >
> 
> 
> _______________________________________________
> PLUG discussion list: plug at plug.linux.org.au
> http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
-- 
Linux is ready for the desktop like a Boeing F-22 is ready for the
run-way.




More information about the plug mailing list