On Wed, 3 Mar 2004, EKB wrote: > How about just "defanging" any encrypted zip by renaming it and adding a > brief warning message. We receive lots of valid encrypted zip files so > deleting them is not an option.
A third option is to list the zip file directory and reject it if it contains either another zip file or any banned extensions. Zip encryption encrypts the file contents, but it doesn't seem to encrypt the directory listing -- I tested an "unzip -l" on a captured encrypted virus, and it listed the .exe just fine. We're going to look at integrating Archive::Zip into mimedefang, because this is becoming an issue for our CanIt customers also. Regards, David. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
