[Esd-l] How to mangle contents of a .zip file?

Brian Hampton bhampton at hisolutions.net
Tue Mar 9 09:19:42 PST 2004

I recently set up .141 so that I could deal with all of the Beagle/Bagle
.zip viruses shooting around.  But we do send quite a lot of legitimate
executables within .zip files.

I misunderstood the new .zip file features, thinking it would simply
mangle the name within the .zip file according to the same
MANGLE_EXTENSIONS directive that straight attatchments are subject
to.  Am I correct in my conclusion that the .141 version does not
allow me to mangle filenames within .zip files?  I have only been
able to poison them thus far.  If so, is this something you would
consider in the future?

I would prefer to not treat an executable differently depending
on if it's in a .zip file.  We don't poison much here, we simply
defang (because we send so many legit executables around).


More information about the esd-l mailing list