I just received an interesting virus. It's a fake bounce with an attachment named letter.zip. It made it through mimedefang (2.49) unscathed.
I unzipped letter.zip, which contained a single file, named . . . letter.zip (kind of like Russian dolls). I unzipped the interior letter.zip, which contained a Letter.pif. It appears to be Win32.Mydoom.am (according to Kasperky.com): http://www.viruslist.com/en/viruses/encyclopedia?virusid=74056 Am I correct that mimedefang will not recursively unzip files when searching for harmful attachments? -David --------------------------------------------------------- D a v i d E i s n e r c r a d l e @ u m d . e d u CALCE EPSC University of Maryland _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
