I'm seeing a fair number of netsky.c infected zip files pass my system
(MD-2.40) with clamav and uvscan configured. Most are caught by MD, but
the misses are being caught at a downstream eggchange box running
Mcafee groupshield. The default filter section "look inside zip files"
is enabled. I tried blocking specific zip file names. That helped, but
new ones kept showing up, so I gave up and started blocking all zip
files today. That stopped the occurances at the exchange box. Any ideas?
It seems curious that groupshield catches stuff that gets past uvscan.
Also, since I started blocking zip files, I'm still seeing
W32/[EMAIL PROTECTED] viruses being reported by MD. Does it scan for
viruses in files that are rejected based on filename extension?
thanks,
Alan
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
