f-prot's new mailbox licensing model

Julian Field mailscanner at ecs.soton.ac.uk
Wed Jun 11 14:43:08 IST 2003


At 10:52 11/06/2003, you wrote:
> > The only viruses that would probably slip thru are macro
> > viruses and those
> > that are sent thru compressed files... correct? Or is there
> > something else
> > that may happen that I haven't thought of?
>
>I'm firmly of the opinion that there is always something else that may
>happen that I haven't thought of!  We don't know what the next exploit
>might be that gets exploited by virus writers.  If you want to protect
>against all viruses without using a virus scanner then you should block
>all attachements and probably strip all html content too.  Theres no
>telling for sure what attachements may have viruses in them.  One example,
>theres a known vulnerability in Windows XP which can be exploited by a
>carefully constructed mp3 or wma file.  Presumably that could be exploited
>by a virus writer, but who would have expected an mp3 file to contain a
>virus - its not even executable!

Many moons ago, I fell foul of this myself. Who would have thought that a
plain-text email containing no MIME attachments or HTML could have
contained a virus? Then "MyParty-A" appeared...
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support



More information about the MailScanner mailing list