>> 
>> On Mon, September 11, 2006 18:15, John D. Hardin wrote:
>> 
>> > Probably not, as you'd have to visit the link to get something for the
>> > virus checker to check. On the server side, it'd have to follow the
>> > like to download the executable to scan, and I *really* doubt anyone
>> > would want their mail gateway to be doing *that*.
>> 
>> why not ?
>> 
>> clamav pics it up as
>> 
>> Virus scanner output:
>>   p006: Trojan.Dropper.Delf FOUND
>>   p004: Trojan.IRCBot-96 FOUND
>>   p002: Trojan.IRCBot-arc FOUND
>> 
>> > This is more a security policy issue - "I don't want to accept email
>> > with links directly to executable content". Hence an SA rule.
>> 
>> SA is not a virus scanner, but there could be a rule for dobbel extensions
>> 
>> -- 
>> "This message was sent using 100% recycled spam mails."
>> 
>> 
Hi,

possible problem: if the erver actually runs windows, the link could be some 
kind of cgi
rather than an executable

double extension are a clear warning,though

Wolfgang Hamann



Reply via email to