Date: Thu, 24 Mar 2016 11:46:51 +0700 From: Olivier Nicole <Olivier.Nicole@cs.ait.ac.th> To: Matthew Seaman <matthew@FreeBSD.org> Cc: freebsd-questions@freebsd.org Subject: Re: [Phishing]Re: Anti-virus for FreeBSD Message-ID: <wu7a8lozdms.fsf@banyan.cs.ait.ac.th> In-Reply-To: <56F2CC22.9090500@FreeBSD.org> (message from Matthew Seaman on Wed, 23 Mar 2016 17:02:26 %2B0000)
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew, > It is not possible a priori to strip out any file belonging to some > arbitrary application which implements some sort of embedded macro > language, let alone tell if any such file actually contains any > executable bits. If you know the format of the file, I believe you can scan it and find if it contains macro. It's time consuuming and implies you have a large knowledge of what every file looks like. Anti virus do that. > This is essentially the approach taken on these (FreeBSD) mailing lists, > except here, it's reversed: all attachements are removed, except for a > certain number of known-harmless ones, like PGP-Mime signatures or some > simple text formats. I think one of the reason, beside security, is to keep the list lean: if you allow attachements, you quickly end up with email send in the form of Words documents... If you cannot explain your problem using plain ASCII only, then you have to rethink what you are trying to explain first :) best regards, olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?wu7a8lozdms.fsf>