At 14:06 01/18/2002 Friday, Kathy Montgomery wrote: >A list owner reported to me that one of his subscribers succeeded in >sending a virus to the list. Indeed, I was able to download the .BAT >attachment from the archives, which contained W32.Magistr.39921@mm, >according to my antivirus software. The list was set to >"Attachments=No" and "Language=NoHTML." The message itself as it >appears in the archives looks like it has a "Content-Type: >multipart/mixed;" header. I don't know how to attempt to duplicate what >happened. > >How did this file get through? Knowing that LISTSERV can't actually >scan for viruses, is there any way to prevent this in the future? Attachments=No http://www.lsoft.com/manuals/1.8d/owner/appendb.html#keyAttachments Language= NoHMTL http://www.lsoft.com/manuals/1.8d/owner/appendb.html#keyLanguage My synopsis: the plain ASCII text attachments ARE allowed; multipart MIME are stipped. BAT files being plain ASCII are thus transmitted. Though I haven't tested this, setting subscriber options to SHORT might foil any MIME attachment, but certainly not the inclusion of UUENCODE within the body. If I am not mistaken (check the lstown-l and lstsrv-l archives), there has been mentioned by L-Soft of future LISTSERV(R) enhancements in this arena. /Pete