Blocking ZIP within ZIP
Alex
mysqlstudent at gmail.com
Wed Oct 5 01:53:37 CEST 2016
Hi,
> is it possible to block ZIPs within ZIPs?
>
> As far as I understand it amavis unpacks everything an then trys to find out
>
> if the files are banned or not.
>
> Since we have seen now some of those crypto trojans that consist of a zip
>
> within a zip and within some varible executable code which is not allways
> properly recognized.
Are you sure this doesn't already work?
What's inside the inner zip? Ultimately it's got to be something
that's on your existing banned list (.js, .exe, etc..), so I would
think it would find that and reject/ban it.
Regards,
Alex
More information about the amavis-users
mailing list