Re: How to block incoming emails with ZIP attachments containing EXE
- On 4/19/2013 11:46 AM, Andreas Freyvogel wrote:
> Hi All,The Sanesecurity addon signatures for clamav has some specific
> I'm not sure if this is the correct group to ask so apologies if it's not.
> I wanted to ask if anyone has a good way of sending emails that have ZIP
> attachments that contain EXE files to QUARANTINE. I am using POSTFIX sending
> to PROCMAIL and CLAMAV. I've looked into procmail recipies and clamav
> options but nothing seems to work well for me.
signatures to detect executable files inside a zip.
If you're using clamav in your procmail recipe, you can redirect
infected mail to a specific mailbox or discard it.
If you use the clamav-milter with postfix, it can put infected mail
in the postfix hold queue.
If you use amavisd-new for the clamav interface, you can save the
mail in a quarantine.
-- Noel Jones