| 1 |
Hi Michael, |
| 2 |
|
| 3 |
I quickly tested clamav with option "AlertOLE2Macros" enabled but not |
| 4 |
worked as expected. ClamAV still marks malicious office attachments like |
| 5 |
VBA macros as CLEAN. |
| 6 |
On the other hand gmail detects the virus as soon as i add the file to |
| 7 |
attachments and doesn't let me send it. |
| 8 |
|
| 9 |
I envy it. |
| 10 |
|
| 11 |
I am happy to hear that next version of spamassassin will have a plugin |
| 12 |
that can detect office related attachments i hope it will do good job. |
| 13 |
|
| 14 |
Thank you. |
| 15 |
|
| 16 |
Michael Orlitzky <mjo@g.o>, 5 Tem 2019 Cum, 19:53 tarihinde şunu |
| 17 |
yazdı: |
| 18 |
|
| 19 |
> On 7/5/19 11:59 AM, Hasan Ç. wrote: |
| 20 |
> > |
| 21 |
> > Rejecting all of them with postfix is not a option for me. |
| 22 |
> > |
| 23 |
> > I tried some spamassasian rules to give them high score but not worked |
| 24 |
> > as expected. |
| 25 |
> > |
| 26 |
> > I would appreciate it if you share your experiences. |
| 27 |
> > |
| 28 |
> |
| 29 |
> The next version of SpamAssassin will have a plugin that can detect and |
| 30 |
> score these: |
| 31 |
> |
| 32 |
> |
| 33 |
> https://svn.apache.org/repos/asf/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/OLEMacro.pm |
| 34 |
> |
| 35 |
> In the meantime, your best bet might be to turn on |
| 36 |
> |
| 37 |
> AlertOLE2Macros yes |
| 38 |
> |
| 39 |
> in your clamd.conf. That will block any office documents that look like |
| 40 |
> they contain VBA macros. |
| 41 |
> |
| 42 |
> |
Archives