Hello Matthew, I have uploaded 2 recent samples to sharefile and put this rule into testing. Ikarus AV is enabled and I see it is updating it's signatures and scanning messages.
Shaun
Posts made by Shaun
-
Blocking Phishing attempts sent as html attachments with java script
-
Blocking Phishing attempts sent as html attachments with java script
Delivery has failed to these recipients: matt.mcdermott@mdaemon.comSubject: FW: Sheet ref-4928 For info@optrics.com onlyRemote Server returned: '550 Sorry, this message contains Phishing.HTML.Doc v...
-
Blocking Phishing attempts sent as html attachments with java script
Hello Matt, I have sent you 2 examples just a minute ago.
-
Blocking Phishing attempts sent as html attachments with java script
I was able to create a rule that I think may do what I want. Testing now. require ["securitygateway","fileinto","body"];if body :raw :contains ["<script", "</script>"]{fileinto "a...
-
Blocking Phishing attempts sent as html attachments with java script
SecureGateway doesn't seem to support the 'mime' extension so the above doesn't work.
-
Blocking Phishing attempts sent as html attachments with java script
would something like the following work? require ["mime", "foreverypart", "reject", "body"]; foreverypart { if allof ( header :mime :param "filenam...
-
Blocking Phishing attempts sent as html attachments with java script
We have received a number of attempts at phishing where the attachment was a larger html file and embedded into it is a javascript code block. The attachment consists of all of the images etc. req...
-
critical patch versions for ClamAV
Looks like the versions you want to update to is actually 0.103.8 0.105.2 1.0.1 https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html