I am trying to understand this, but the reality doesn't work like I think you are saying it should. If I have the following in my virus.cfg file:
BANEXT EZIP
Note that "BANEXT EZIP" is the original quickly-implemented format that may have problems.
with or without:
BANZIPEXTS ON BANEZIPEXTS ON
These lines will ban file extensions that appear in .ZIP files (both un-encrypted and encrypted files). Any BANEXT lines will be used to determine whether files within .ZIP files should be banned.
I catch the encrypted/password protected virus files. However, if I use just:
BANZIPEXTS ON BANEZIPEXTS ON
the virus files pass right through declude, reporting that the file is virus free. Am I simply not understanding how this is supposed to work. I though we no longer needed to use BANEXT EZIP. Please enlighten me on the error of my ways... :-)
The old format (which I won't repeat, just because the more it gets repeated the more likely people will try to use it) would block any .ZIP file if the first file in it was encrypted (even if it was a .TXT file).
The new format will ban the same extensions that you are already banning, but will do so in .ZIP files. The BANZIPEXTS ON option will ban the files if they are un-encrypted, the BANEZIPEXTS ON will ban the files if they are encrypted.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
