Basic premise is that we define "really bad" file extensions (com|pif|scr|bat) that historically just don't exist in legit emails and we treat those as a virus except we modified filter and filter_multipart to do a bounce rather than a discard.
It's really straightforward but this combined with the Archive::Zip changes made it so that we really never even had to hit a virus scanner for all of the zip/pif/scr viruses over the past year since DFS added the functionality.
Regards, KAM
the really_bad_filename extrapolation I wrote
I'd be interested in this. Where can I get it?
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
