05/02/07 14:29:33
お、postfixでmilterか?詳細希望w
因みに、382とほぼ同じ手法なんだが、Anti-Virus Testing Tool使って
自鯖にメール送ってもらったら、2つほど引っかかりやがった。。。orz
sent Test #24 (non-virus): Test for the "Partial (Fragmented) Vulnerability".
This does not include the Eicar virus, however your mail server should still block
this since a virus can use this technique to break itself into multiple emails,
bypassing virus scanners, and reassembling itself in your inbox.
(attachment can be opened by virtually any mail program)
sent Test #25 (non-virus): Attachment with a CLSID extension which may hide the real file extension.
This does not include the Eicar virus, however your mail server should still block
this since the CLSID technique can be used to hide the true extension of a malicious file.
(attachment can be opened by any Windows computer)
引っかかったのは以上の#24,25
これってば、拡張子を隠蔽・偽装したファイルに対するチェックだよなぁ、、、
無問題かな。。。何か対策の手立てでもあれば、教えてほしいのだが。。。