Am 29.10.18 um 17:33 schrieb Kris Deugau: > Tilman Schmidt wrote: >> Am 26.10.18 um 15:34 schrieb Johnny Time: >>> For exemple, we wanted to authorize only a white list which contains >>> *.doc,*.xls,*.pdf and ban the others extensions. >> >> Surely you meant to write "*.docx,*.xlsx,*.pdf"? >> *.doc and *.xls are the old, malware-prone MS-Office filetypes. >> You don't want to let those pass, at least not without rigorous >> examination. > > In my experience, the new ones aren't any better.
The "*m" ones (with macros) certainly aren't, but the "*x" ones (without macros) have so far never caused any trouble at our site. So we put mails with *.doc, *.xls, *.docm and *.xlsm attachments in quarantine, only releasing them upon request after manual inspection, but let *.docx and *.xlsx pass if the ClamAV scan turns up clean. T. _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
