ANNOUNCE: Stable 4.29.7 released
Julian Field
mailscanner at ecs.soton.ac.uk
Thu Apr 1 16:19:41 IST 2004
At 15:14 01/04/2004, you wrote:
>Julian,
>
>Looks like we were having a private conversation... I reverted it back
>to the list...
>
>Le jeu 01/04/2004 à 08:53, Julian Field a écrit :
> > At 14:49 01/04/2004, you wrote:
> > >Hello Julian,
> > >
> > >Le jeu 01/04/2004 à 04:15, Julian Field a écrit :
> > > > I have just released stable 4.29.7.
> > > >
> > > > - Zip archives detection improved to work by content rather than
> filename.
> > >
> > >Does that mean that a zip archive will be detected and ist contents
> > >scanned even if its name doesn't end in .zip?
> >
> > Yes.
> >
> > >I hope not because I've been telling people to rename their zip file to
> > >something else to avoid the contents checks. And since I don't use
> > >filetype checks it works just fine.
> >
> > And one of the virus writers started writing zip files but ending their
> > names in ".rar" in the knowledge that Winzip would still open them. So it
> > had to go content-based, sorry.
>
>Bummer! I was already blocking rar files...
>
>Could it be modified to use the File Command setting (that I have set to
>blank) to decide if it reacts that way?
I need to test lots of files and I can detect zip files by just looking at
the first 4 bytes, which is *way* faster than running the file command and
parsing all its output.
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
More information about the MailScanner
mailing list