Not scaned .zip files

Kamil Jur(ík - AFX jurik at afx.cz
Tue Aug 5 18:59:07 IST 2003 

A lot for your fast answer (Julian Field). It's OK (zip).

I'm  fake up script SweepViruses.pm
In funktion sub ProcessBitdefenderOutput
adapt  funktion ProcessRavOutput
Bitdefender=RAV :-) it's beter a part script
--------------------------------------------------------------------
sub ProcessBitdefenderOutput {
  my($line, $infections, $types, $BaseDir, $Name) = @_;

  my($report, $infected, $dot, $id, $part, @rest);
  my($logout);

  chomp $line;

  $report = $line;
  if ($line =~ /\t+(infected|suspicious): /i) {
    $logout = $line;
    $logout =~ s/%/%%/g;
    MailScanner::Log::InfoLog($logout);
    # Get to relevant filename in a reasonably but not
    # totally robust manner (*impossible* to be totally robust
    # if we have slashes, spaces and "->" in filenames)
    # Strip the infection report off the end, leaves us with the path
    # and the archive element name
    $line =~ s/\t(infected|suspicious): \S+$//;
    # Strip any archive elements so we should just have the path and
filename
    $line =~ s/^(.*?)\-\>.*$/$1/;
    $line =~ /\-\>/
      and MailScanner::Log::DieLog("Dodgy things going on in Bitdefender " .
                                   "output:\n%s\n", $report);
    #print STDERR "**$line\n";
    ($dot,$id,$part, at rest) = split(/\//, $line);
    $report = $Name . ': ' . $report if $Name;
    $infections->{"$id"}{"$part"} .= $report . "\n";
    $types->{"$id"}{"$part"} .= "v"; # so we know what to tell sender
    return 1;
  }
  return 0;
}

-------------------------------------------------------------------------
Kamil Jurik



Julian Field napsal(a):

> At 17:59 05/08/2003, you wrote:
>
>> Hi all,
>>
>> scanned MS inside zip files and blocked for viruses? I can send mail
>> with
>> eicar.com file so to me arrived mail vith text:
>>
>> One or more of the attachments (eicar.com) are on
>> the list of unacceptable attachments for this site and will not have
>> been delivered.
>>
>> Consider renaming the files or putting them into a "zip" file to avoid
>>                                               '------->
>> this constraint.
>> Can I do off??
>>
>> It comes to this thet pass virus inside zip?
>
>
> If you put the file inside a zip file, then it will avoid the attachment
> filename checks (filename.rules.conf) and the attachment filetype checks
> (filetype.rules.conf). But it will still be scanned for viruses.
>
>
>> I'm sorry for my bad English.
>
>
> Your English is a lot better than my Czech! :-)
>
> --
> Julian Field
> www.MailScanner.info
> Professional Support Services at www.MailScanner.biz
> MailScanner thanks transtec Computers for their support
>


Tento e-mail byl zkontrolovan na postovnim serveru AFX

More information about the MailScanner mailing list