ClamAV detecting Virus in 0.92.1 tarball
Matthias Andree
matthias.andree at gmx.de
Sat Jul 10 22:57:59 CEST 2004
On Sat, 10 Jul 2004, Stefan Bellon wrote:
> "rmail" ... that rings a bell: When I ported Bogofilter to RISC OS
> (which still uses the old rmail mailbox format), I sent David a few
> randomly selected rmails from my inbox to show why rmail support is
> needed.
The rmail isn't RISC OS specific but that file looks like a regular
uncompressed UUCP mail batch.
> As RISC OS uses ARM processors which are not x86 compatible, I have no
> need whatsoever to check for viruses. Would some kind soul please check
> the file in question whether it really contains a virus? If so, I feel
> very sorry, but until right now I was even unaware that David added my
> sample mails to the distribution.o
I'm getting:
rmail.1.mbx: Exploit.IFrame.Gen FOUND
Which isn't a virus but some deceptive HTML code, in the test mail
Message-id: <0HLH00D9BIQZLI at mta07ps.email.bigpond.com>
Unless someone feeds this .mbx file into his Windows mailer, no harm
will be done.
I believe David wasn't even aware the files got added by the
Makefile.am/automake system - we're listing directories which are then
distributed recursively. I'm in the process of replacing directories by
explicit file lists to avoid such accidents in the future.
I hope that clears things up,
--
Matthias Andree
Encrypted mail welcome: my GnuPG key ID is 0x052E7D95 (PGP/MIME preferred)
More information about the Bogofilter
mailing list