of the ones "can not be caught", they are IFRAME links inside HTML content in message body, and Q-S is not doing message body pattern scanning.
Is there -any- reason to allow IFRAME content in EMAIL content??
AFAIK...you -could- stop IFRAME exploits in HTML with SpamAssassin's defang_mime=1 option but that would "disable" all HTML email (might not a bad thing depending on your POV ;)
my system with Q-S and clamav have no problem catching IFRAME exploits:
----------------------------------------------------------------------------------------------- A virus was found in an Email message you sent. This Email scanner intercepted it and stopped the entire message reaching its destination.
The virus was reported to be:
Exploit.IFrame.HTML
Please update your virus scanner or contact your IT support personnel as soon as possible as you have a virus on your system. ------------------------------------------------------------------------------------------------
Cream[DONut] - www.donut.dk www.nethouse2000.dk - admin
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
