On 10/07/2019 07:59, Virgo Pärna via clamav-users wrote: > Lately there have been several malware rtf files with doc > extension, that I have received by e-mail and that are not immediately > recognized by clamav. From virustotal scan they appear to be RTF bug > exploits. > Since clamav has special type support for rtf, would it be > possible to write custom rule to block rtf files with doc extension?
Noting I often rename rtf files to doc - because when someone insists on a "word doc" and you send them a .rtf, when they complain you sent them the "wrong thing" you are in a lose/lose situation (if you correct them, they resent it, if you don't, they think you did something wrong) _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
