On 3/1/2017 1:00 PM, G.W. Haywood wrote:
Hello again,
On Wed, 1 Mar 2017, Carlos Velasco wrote:
G.W. Haywood wrote:
> Your conjecture is incorrect. Neither of those things is a properly
> formed mail message. I'd describe them as jumbled up collections of
> bits and pieces of things which might possibly once have been parts of
> mail messages.
Sorry but you are wrong, they are indeed real mails and properly
formatted. Directly received from hotmail. I just have changed
(hidden) the domains, addresses and IP addresses at the moment of
publishing them.
It is the magic of ClamAV (0.99.2) that does not detects mail for
the first case, but it detects mails for the second case (with just
1 long header line deleted). Tested ClamAV devel version makes
partial detection of mail (through MHTML).
Magic of "file" works for both, detecting both as mail text:
# file LCipWJaQ.txt
LCipWJaQ.txt: ASCII mail text, with very long lines, with CRLF line
terminators
# file ZvmST7Xh.txt
ZvmST7Xh.txt: ASCII mail text, with very long lines, with CRLF line
terminators
I've been doing this for a couple of decades, so do I know what a
properly formed mail message looks like. :)
The text files on which you ran 'file' and the HTML-ified garbage to
which you linked in your original post are not the same things at all:
laptop3:~$ >>> wget -q http://pastebin.com/ZvmST7Xh
laptop3:~$ >>> file ZvmST7Xh
ZvmST7Xh: HTML document, ASCII text, with very long lines, with CRLF,
LF line terminators
laptop3:~$ >>> wget -q http://pastebin.com/LCipWJaQ
laptop3:~$ >>> file LCipWJaQ
LCipWJaQ: HTML document, ASCII text, with very long lines, with CRLF,
LF line terminators
You owe it to anyone who might take the trouble to help you at least
to provide *exactly* the data with which you are having problems - not
some vague, Webserver-generated representation of it - and perhaps
also to consider their replies more carefully.
Hate to say it, but you downloaded the wrong files. You need to get the
'raw' version. Otherwise, you just get pastebin's website view.
$ wget http://pastebin.com/raw/ZvmST7Xh
$ file ZvmST7Xh
ZvmST7Xh: ASCII mail text, with very long lines, with CRLF line terminators
$ wget -q http://pastebin.com/raw/LCipWJaQ
$ file LCipWJaQ
LCipWJaQ: ASCII mail text, with very long lines, with CRLF line terminators
--
Bowie
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
