Hello list, today I had a forged ebay e-mail containing an attachment with a trojan. I would like to filter for the attachment name, is that possible without a "full" rule?
full ZMIde_EBAYBILL1 /name="Ebay-Rechnung.pdf.zip"/ describe ZMIde_EBAYBILL1 false ebay bill .zip file score ZMIde_EBAYBILL1 4.9 mfg zmi -- // Michael Monnerie, Ing.BSc ----- http://it-management.at // Tel: 0660/4156531 .network.your.ideas. // PGP Key: "curl -s http://zmi.at/zmi3.asc | gpg --import" // Fingerprint: 44A3 C1EC B71E C71A B4C2 9AA6 C818 847C 55CB A4EE // Keyserver: www.keyserver.net Key-ID: 0x55CBA4EE
pgpDC2PsDHT0a.pgp
Description: PGP signature