1 |
Hi Michael, |
2 |
|
3 |
I quickly tested clamav with option "AlertOLE2Macros" enabled but not |
4 |
worked as expected. ClamAV still marks malicious office attachments like |
5 |
VBA macros as CLEAN. |
6 |
On the other hand gmail detects the virus as soon as i add the file to |
7 |
attachments and doesn't let me send it. |
8 |
|
9 |
I envy it. |
10 |
|
11 |
I am happy to hear that next version of spamassassin will have a plugin |
12 |
that can detect office related attachments i hope it will do good job. |
13 |
|
14 |
Thank you. |
15 |
|
16 |
Michael Orlitzky <mjo@g.o>, 5 Tem 2019 Cum, 19:53 tarihinde şunu |
17 |
yazdı: |
18 |
|
19 |
> On 7/5/19 11:59 AM, Hasan Ç. wrote: |
20 |
> > |
21 |
> > Rejecting all of them with postfix is not a option for me. |
22 |
> > |
23 |
> > I tried some spamassasian rules to give them high score but not worked |
24 |
> > as expected. |
25 |
> > |
26 |
> > I would appreciate it if you share your experiences. |
27 |
> > |
28 |
> |
29 |
> The next version of SpamAssassin will have a plugin that can detect and |
30 |
> score these: |
31 |
> |
32 |
> |
33 |
> https://svn.apache.org/repos/asf/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/OLEMacro.pm |
34 |
> |
35 |
> In the meantime, your best bet might be to turn on |
36 |
> |
37 |
> AlertOLE2Macros yes |
38 |
> |
39 |
> in your clamd.conf. That will block any office documents that look like |
40 |
> they contain VBA macros. |
41 |
> |
42 |
> |