RE: [Declude.Virus] Post-Declude 1.75 Password Zipped Virus Detection

[John Carter]

Dan:   (See Scott’s reply) – BANEXT EZIP (as well as the BANEXT ZIP) works well.  Remember, even legit ZIPs are held.   I may not be handling it the best way, but after the messages are moved the \spool\virus directory, I manually scan with my desktop scanner.  For some reason a manual scan by F-Prot on the server doesn’t find anything. However Micro Trend on my computer (I am mapped to the spool drive on the Imail server) finds most of them.  Because it doesn’t catch everything, I then open the remaining D*.SMD files. If it looks ok, I’ll move it and Q file back into the \spool for delivery.  In the last two days this has been time consuming and would not work for a high volume system.  But pretty soon you learn to recognize the “kinky” ones and which ones can be sent on.   I tell you all of this in case you or anyone else has a better way of doing it.   John   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Geiser Sent: Tuesday, July 20, 2004 7:56 AM To: [EMAIL PROTECTED] Subject: [Declude.Virus] Post-Declude 1.75 Password Zipped Virus Detection   Hello, All, Over the last day or so one of my users has been inundated with viruses archived in password protected zip files.  I know that this technique has been around for many months now but unfortunately when it was discussed on this list I did not have a current service agreement so I didn't pay close attention to the discussion regarding any new features which were added to Declude to combat this situation.   Are there any new features in Declude which will help mitigate this issue or is it just a matter of the user being vigilant?  We are currently using Declude v1.75.   Thanks In Advance, Dan Geiser [EMAIL PROTECTED]