[clamav-users] Yara and base64 encoded body
kionez
kionez at anche.no
Thu Jul 28 07:54:22 UTC 2016
#include <G.W. Haywood.h> // created 27/07/2016 18:37
Hi!
> Have you looked at MIMEDefang? You can do more or less whatever you
> want if you can write Perl scripts.
I've looked at it, but it's not so simple to integrate on my systems
(now I'm using one VPS to do every antispam\antivirus tasks for all my
mailservers), AFAIK I have to install, configure and maintain mimedefang
on every mailserver breaking my centralized service...
but.. thanks! I will read more carefully the docs, maybe I'll find
something useful.
I'm also thinking about a small script used as amavisd-new scanner,
which decodes every base64 part and scans it through clamav, but I'm
worried about performance (because I'm not a "true" coder ;) )
I will train spamassassin's baesyan filters, but is less funny :D
Just for example, i put on pastebin a test message [1] and ruleset [2],
but now I know that is a question that is quite off-topic on this list.
1: http://pastebin.com/PJBqG15Q
2: http://pastebin.com/UaWKLe5V
Thanks for advice!
k.
More information about the clamav-users
mailing list