ANNOUNCE: Unstable 4.28.3 released

Rick Cooper rcooper at DWFORD.COM
Wed Mar 3 11:57:17 GMT 2004


Just installed 4.28.3 and ran a few tests. I sent a mail with a
protected ZIP and a Zipped executable. It caught the protected
zip and did the notice thing, and kept the message body (great
thanks!) but passed the zipped executable on through in tact. The
log looks like it stopped processing on the protected zip
altogether. I sent another with just the zipped exe and it caught
it that time. Did another test with the zipped exe being the
first attachment and the protected zip being the second and it
caught both. So I then sent a message with the protected zip as
the first attachment and a raw exe as the second attachment, and
it caught both of those. so it looks like zip processing halts
when the password protected zip is found and the other file
name/type checks must be performed prior to the zip extraction
tests? In any event you probably want to fix it so subsequent zip
files are processed after the protected zip fails or someone
could just send the password protected as attachment one and then
attach a zipped exe file in attachment two and the user may think
attachment two is safe since it cleaned one and left the other.

> -----Original Message-----
> From: MailScanner mailing list
> [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of Julian Field
> Sent: Wednesday, March 03, 2004 5:27 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: ANNOUNCE: Unstable 4.28.3 released
>
>
> Hi folks!
>
> The "fastest code factory in the West" has been
> running full tilt this
> morning :-)
>
> I have managed to rewrite a lot of the code that
> handles password-protected
> zip files.
>
> The logging, quarantining and notifications should
> work rather better now.
> I have hopefully fixed the other outstanding bugs in
> this area too.
>
> There is a new option keyword for the Silent Viruses
> list: "Zip-Password"
> which causes password-protected zip files to be
> treated "silently". I
> suggest you add it to your list. If "Warn Senders of
> Viruses" is off, then
> it also shouldn't send warnings about
> password-protected zip files, as they
> are more likely to be viruses than anything else, so I
> have treated them
> that way.
>
> Download as usual from www.mailscanner.info.
>
> Please report any problems!
>
> Boy, do I need a holiday...   ;-)
> --
> Julian Field
> www.MailScanner.info
> MailScanner thanks transtec Computers for their support
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947
> 1415 B654
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list