Kenneth Porter wrote: > I just saw this on the SA-devel list. Note that ClamAV 0.88.6 is listed > as vulnerable.
However, it is *not* vulnerable if you use the standard MIMEDefang ClamAV integration functions. MIMEDefang passes virus scanners both the raw MIME message and all the parts as decoded by MIME::tools. This design decision was made so that MIME::tools could work around any bugs in an AV tools' MIME decoder and vice-versa. The proof-of-concept test didn't make it past our test MIMEDefang system. Regards, David. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
