Would it be possible to add configuration options that
say what file types are supported? This should be a
tristate option for each file type since for a file
type you can:
1) analyse the file
2) let the file through
3) always reject the file
Eg. I wish not to analyse arc files and would like to
quarantine all mails containing arc files.
I picked arc as an example since the code has several
buffer overruns. Also by embedding a newline in a
filename in the archive, an attacker can stop amavis
from analysing all of the archive.
Logged In: YES
user_id=28904
You can disable archivers by setting the corresponding
variable to "" (in amavisd, you can use the config file),
but that only means that the full archive is passed on
to the virus scanner. Which is not what you want ...
If you submit a patch, or example code, we'll take a look
at it, but other than that I'm not treating this as a
priority issue.