keep original filenames from zip file for virus scanning?
Gerben Roest
g.roest at grepit.nl
Wed May 31 15:29:44 CEST 2017
Hello,
I noticed that a javascript trojan slipped through because amavis
extracted the virus from the zip file to something like:
/var/lib/amavis/tmp/amavis-20170522T095840-15377-v7RlAZkS/parts/p005
and my virus scanner "esets_cli" didn't recognize that as a virus. I
noticed that esets_cli needs the .js extension (or .bat or something) to
recognize it.
ESET doesn't have a mode or flag to disregard any extensions, so my hope
is that I can tell amavis not to extract to p005 but to 15364.js for
instance. Is that possible?
Thanks,
Gerben
More information about the amavis-users
mailing list