I passed along that info about looking at the checksum of the file in the zip and got this reply...
-------------------------------- From: "Diego d'Ambra" (the guy that did the latest clamav pattern update) Thank for the info, but currently ClamAV contains no "engine" that allows retrieval of these information. So your best option would be to do it through the MTA or let ClamAV scan the full e-mail (the DB has 2 signatures that should detect the Bagle e-mail). Best regards, Diego d'Ambra -------------------------------- Michael -----Original Message----- From: David Prestwich [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 02, 2004 12:51 PM To: [EMAIL PROTECTED] Subject: Re: [Mimedefang] Password protected Bagle.F I'm missing this virus as well - I'm using clamav and thought that there was a way to force it to scan password protected files. Has anyone had any luck with this? I don't think that it will do this. David Dirk Mueller wrote: >On Monday 01 March 2004 19:25, Jon R. Kibler wrote: > > > >>file has a different password -- thus each zip file would have a >>different signature. >> >> > >Thats true, but it has some defects that makes detection easy: > > > > _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
