search for: virus_files

...t is add small pattern matching rules to local.cf Another rule I would like to add to Spamassassin is to catch emails where the subject starts with the email local part in brackets as we get a LOT of those too. > > Are you able to post some examples to pastebin? http://www.stainburn.com/virus_files/I0000040777.doc http://www.stainburn.com/virus_files/FAX_20151028_1445421437_89.doc

...ch emails where > > the subject starts with the email local part in brackets as we get a LOT > > of those too. This is one of the checks I can now do in my perl script. > > > >> Are you able to post some examples to pastebin? > > > > http://www.stainburn.com/virus_files/I0000040777.doc > > http://www.stainburn.com/virus_files/FAX_20151028_1445421437_89.doc > > Sorry, I meant examples of the emails (including the full headers, > redacted where necessary), not the attachments. We might be able to > point you in the right direction or offer a few th...

...iting rules. > Another rule I would like to add to Spamassassin is to catch emails where the > subject starts with the email local part in brackets as we get a LOT of those > too. > >> >> Are you able to post some examples to pastebin? > > http://www.stainburn.com/virus_files/I0000040777.doc > http://www.stainburn.com/virus_files/FAX_20151028_1445421437_89.doc Sorry, I meant examples of the emails (including the full headers, redacted where necessary), not the attachments. We might be able to point you in the right direction or offer a few thoughts on how to detect...

We are receiving LOTS of emails that contain empty XLS or DOC documents with embedded virus macros. These are getting past SPAMASSASSIN, Clamav and Kaspersky. I'm trying to write a filter for EXIM to block these emails but I need to know a good, quick, command-line to detect an empty doc with a macro. Is there anything available that I can use?? I have managed to write a PERL script to