[Phishing]Re: Anti-virus for FreeBSD

Olivier Nicole Olivier.Nicole at cs.ait.ac.th
Thu Mar 24 04:46:55 UTC 2016


Matthew,

> It is not possible a priori to strip out any file belonging to some
> arbitrary application which implements some sort of embedded macro
> language, let alone tell if any such file actually contains any
> executable bits.

If you know the format of the file, I believe you can scan it and find
if it contains macro. It's time consuuming and implies you have a large
knowledge of what every file looks like. Anti virus do that.

> This is essentially the approach taken on these (FreeBSD) mailing lists,
> except here, it's reversed: all attachements are removed, except for a
> certain number of known-harmless ones, like PGP-Mime signatures or some
> simple text formats.

I think one of the reason, beside security, is to keep the list lean: if
you allow attachements, you quickly end up with email send in the form
of Words documents...

If you cannot explain your problem using plain ASCII only, then you have
to rethink what you are trying to explain first :)

best regards,

olivier


More information about the freebsd-questions mailing list