> .zip files are safe because they are currently not known to contain > executable code. This however has nothing to do with their potential > contents.
Hmmm... not willing to "troll" or the like; but I saw in the past some hacks which leveraged "unzip applications" flaws causing buffer overflow and allowing to run code on the victim and in such cases all you needed was a specially crafted zip file; so I would avoid underestimating such files That said, and going back to "email" topic; I usually setup things so that ASSP performs the frontend screening, removing spam and checking the incoming emails through clamAV (and using the sanesecurity sigs to cut off phish too); then, the backend mailserver has its own antivirus and the latter performs additional checks on the incoming messages; all in all, having two opinions doesn't hurt, especially in this case :) ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
