>> >> On Mon, September 11, 2006 18:15, John D. Hardin wrote: >> >> > Probably not, as you'd have to visit the link to get something for the >> > virus checker to check. On the server side, it'd have to follow the >> > like to download the executable to scan, and I *really* doubt anyone >> > would want their mail gateway to be doing *that*. >> >> why not ? >> >> clamav pics it up as >> >> Virus scanner output: >> p006: Trojan.Dropper.Delf FOUND >> p004: Trojan.IRCBot-96 FOUND >> p002: Trojan.IRCBot-arc FOUND >> >> > This is more a security policy issue - "I don't want to accept email >> > with links directly to executable content". Hence an SA rule. >> >> SA is not a virus scanner, but there could be a rule for dobbel extensions >> >> -- >> "This message was sent using 100% recycled spam mails." >> >> Hi,
possible problem: if the erver actually runs windows, the link could be some kind of cgi rather than an executable double extension are a clear warning,though Wolfgang Hamann
