[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AntiVirus for sendmail

To: misc@openbsd.org
Subject: Re: AntiVirus for sendmail
From: "Arvid Grøtting" <arvidg@netfonds.no>
Date: Mon, 06 Jan 2003 15:57:05 +0100
Cancel-Lock: sha1:gw4w+VB07QxHp+pWnCWVMquFNr0=
Mail-Copies-To: never
Organization: No such thing.
References: <000d01c2b240$36e4f1a0$6672a8c0@support> <20030103101649.E17254@snew.com> <20030104124948.2bcda4db.lars@unet.net.ph>
User-Agent: Gnus/5.090004 (Oort Gnus v0.04) Emacs/21.2 (i386-debian-linux-gnu)

Lars Hansson <lars@unet.net.ph> writes:

> There have been numerous exploits for both Netscape Mail and Eudora.

Yes.  Still, outlook-dependent viruses seem to be more frequent at the
moment.

But as an interesting trend lately, most of the viruses common today
use the Microsoft EXE file format.  If you don't have a legitimate
business need for exchanging such files, scanning for EXE files[1]
will stop many[2] viruses and can be done quite trivially[3][4].


[1] by any name, of course
[2] not all!
[3] the scanning itself, that is.  The bookkeeping required to
interface with Internet mail is another matter entirely.
[4] assuming, of course, that the scanning is only emplyed in
environments (e.g. Internet mail) where EXE files[1] can be considered
illegitimate by default.
-- 
/*  trivirus.c -- very trivial virus scanner  */
#include <stdio.h> /* (c) Arvid Grøtting 2002 */
int main (int argc, char **argv, char **environ)
{return (getchar() == 'M' && getchar() == 'Z');}

References:
- AntiVirus for sendmail
  - From: "Orpheus" <orpheus@metempsychosis.com>
- Re: AntiVirus for sendmail
  - From: Chuck Yerkes <chuck+obsd@2003.snew.com>
- Re: AntiVirus for sendmail
  - From: Lars Hansson <lars@unet.net.ph>

Prev by Date: Flavor problem with PHP4 port
Next by Date: Re: Flavor problem with PHP4 port
Prev by thread: Re: AntiVirus for sendmail
Next by thread: Documentation error, man pkg_info(1)?
Index(es):
- Date
- Thread