On Thursday 29 October 2015 20:37:03 Ned Slider wrote:
> On 29/10/15 10:51, Gary Stainburn wrote:
> > On Wednesday 28 October 2015 21:12:19 Ned Slider wrote:
> >> On 28/10/15 11:55, Gary Stainburn wrote:
> >>> We are receiving LOTS of emails that contain empty XLS or DOC documents
> >>> with
How about scanning files using virustotal?
https://github.com/Gawen/virustotal
--
Eero
2015-10-30 12:58 GMT+02:00 Gary Stainburn :
> On Thursday 29 October 2015 20:37:03 Ned Slider wrote:
> > On 29/10/15 10:51, Gary Stainburn wrote:
> > > On Wednesday 28 October 2015
On 29/10/15 10:51, Gary Stainburn wrote:
> On Wednesday 28 October 2015 21:12:19 Ned Slider wrote:
>> On 28/10/15 11:55, Gary Stainburn wrote:
>>> We are receiving LOTS of emails that contain empty XLS or DOC documents
>>> with embedded virus macros. These are getting past SPAMASSASSIN, Clamav
On Wednesday 28 October 2015 21:12:19 Ned Slider wrote:
> On 28/10/15 11:55, Gary Stainburn wrote:
> > We are receiving LOTS of emails that contain empty XLS or DOC documents
> > with embedded virus macros. These are getting past SPAMASSASSIN, Clamav
> > and Kaspersky.
> >
> > I'm trying to write
On Thu, 2015-10-29 at 20:37 +, Ned Slider wrote:
> Combining multiple simple rules in a meta
> rule is also a great way to detect many spams. If you can find 3 or 4
> factors specific to these spam (the more unique the better), combining
> them usually gives excellent results.
Yep.
In
We are receiving LOTS of emails that contain empty XLS or DOC documents with
embedded virus macros. These are getting past SPAMASSASSIN, Clamav and
Kaspersky.
I'm trying to write a filter for EXIM to block these emails but I need to know
a good, quick, command-line to detect an empty doc with
On Wed, October 28, 2015 6:55 am, Gary Stainburn wrote:
> We are receiving LOTS of emails that contain empty XLS or DOC documents
> with
> embedded virus macros. These are getting past SPAMASSASSIN, Clamav and
> Kaspersky.
Just a word of advise to everybody: stay away from Kaspersky (unless you
Hi,
Take look of http://www.cuckoosandbox.org
--
Eero
2015-10-28 13:55 GMT+02:00 Gary Stainburn :
> We are receiving LOTS of emails that contain empty XLS or DOC documents
> with
> embedded virus macros. These are getting past SPAMASSASSIN, Clamav and
> Kaspersky.
>
> I'm
and https://github.com/xme/cuckoomx
--
Eero
2015-10-28 16:59 GMT+02:00 Eero Volotinen :
> Hi,
>
> Take look of http://www.cuckoosandbox.org
>
> --
> Eero
>
> 2015-10-28 13:55 GMT+02:00 Gary Stainburn :
>
>> We are receiving LOTS of emails that contain
I've had a look at this and
a) it looks a little like over-kill for what I want,
b) I haven't a clue how to use it in my EXIM environment
c) from the VERY quick look I've taken I don't see how to use it to detect
macros in office documents.
I think I'm going to forget about the macros, and
On 28/10/15 11:55, Gary Stainburn wrote:
> We are receiving LOTS of emails that contain empty XLS or DOC documents with
> embedded virus macros. These are getting past SPAMASSASSIN, Clamav and
> Kaspersky.
>
> I'm trying to write a filter for EXIM to block these emails but I need to
> know
11 matches
Mail list logo