From: Mustafa Akgul (akgul@Bilkent.EDU.TR)
Date: Sat 28 Sep 2002 - 10:43:19 EEST
Date: Fri, 27 Sep 2002 17:52:24 +0100
Resent-Date: Sat, 28 Sep 102 0:10:15 UT
From: Chris Lowth <dont@want.spam>
To: "comp.mail.sendmail mail newsgroup" <comp-news@dl.ac.uk>
Subject: protector - 1.00.7 -- GPLed e-mail virus protection for sendmail
Protector 1.00.7 Annnouncement - September 27, 2002
Update 7 of protector 1.00 has been released for RedHat GNU-Linux versions
6.0, 6.1, 6.2, 7.0, 7.1, 7.2 and 7.3 systems, and as an "beta" testing
release for Sun Solaris.
This update of the protector software ..
* Corrects the handling of Content-type headers with a newline
immediately following the header key.
Version 1.01 is also now available as a development beta release, for
testing and documentation. This reworked protector release handles MS
office and other document formats more intelligently - including the
checking of embedded objects but is currently still under development..
For information and download of both versions, visit:
http://protector.sourceforge.net/
Protector checks incoming e-mail messages for attachments that could
contain viruses, worms etc - and replaces the offending attachments with
standard warning messages before being passed to "procmail" for local
delivery. The original "dangerous" attachment is saved in a directory that
only the root user can access.
Protector is NOT a virus scanner in the traditional sense: It does NOT
scan attachments for virus signatures, but blocks attachments that could
contain viruses. So *.exe, *.vba etc attachments don't get through. This
means that you don't have to keep protector up to date to stay protected
against the growing tide of new viruses and worms.
Protector does not work by blocking listed types, but by blocking ALL BUT
the listed types. For details of the attachment types "allowed through",
please refer to the web site.
The logic employed by protector to determine the file types contained in
attachments is based on a modified version of the "file" command, and a
number of type-specific validation programs - it does not rely on the
actual name of the file, or the "content-type" declared in the attachment
header. It also looks inside ZIP, TAR and other archive formats, and
checks the files contained in them.
Some types of files are allowed through only under certain conditions. The
main example being that MS Word documents are blocked if they contain ANY
macros, but allowed through otherwise.
It isn't perfect yet, but it's a start. Assistance in developing the
checking logic for new file types is invited.
Chris
-- My real e-mail address is chris <at> lowth <dot> com----------------------------------------------------------------------- Liste üyeliğiniz ile ilgili her türlü işlem için http://liste.linux.org.tr adresindeki web arayüzünü kullanabilirsiniz.
Listeden çıkmak için: 'linux-request@linux.org.tr' adresine, "Konu" kısmında "unsubscribe" yazan bir e-posta gönderiniz. -----------------------------------------------------------------------