I've been getting some infrequent Declude bans of EXE files with little or no size that the sender's system must have stripped out the virus portion.
Looking through my reports, I note I have never seen an Invalid EXE vulnerability. I see Invalid BAT, COM, CPL, PIF and SCR.
Is there such a thing and the Invalid EXE vulnerability? It would be nice to have an Invalid EXE vulnerability to block instances like this where the size is pretty much nothing.
There wasn't such a test (with the thought being that a virus wouldn't try to use an .exe extension while really being another file type). But this can handle both the problem with 0-byte .exe files, and also can help protect against script viruses appearing in .exe files (I'm not sure why they would do that, but they might).
So this is something that will likely be in the next release.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
---- This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
