ClamAV + worm in mbox file
Christof Damian
christof at damian.net
Tue May 25 16:27:01 UTC 2004
On Tue, 25 May 2004, Ow Mun Heng wrote:
>
> That;s not an idea which I don't mind doing. The only thing is, I
> have _no_ idea which message contains the worm!
>
you could try something like this, use formail and a little
script. its a bit slow, but it worked for me. you can use diff on the
mailboxes to see the virus.
formail < evilmailbox -s thescript.sh > nicemailbox
#!/bin/bash
TEMP=`mktemp`
cat > $TEMP
clamscan --quiet --unzip --mbox $TEMP
if [ $? == 0 ]; then
cat $TEMP
fi
rm $TEMP
--
Christof Damian
christof at damian.net
More information about the fedora-list
mailing list