One of our employees is having difficulty receiving e-mails from a vendor. The vendor is zipping up two text files and e-mailing the zip file to us. The Zip file is identified as a virus by our on-line e-mail filtering service and the e-mail is deleted before it hits our mail server. If the vendor sends the two text files without zipping them, they come through fine.
The vendor claims that our filtering service must be incorrectly analyzing something in the ZIP file that makes it think it contains a virus. I'm not so sure. I'm wondering about the possibility that a virus (the W32/Bagle.G in particular) can be introduced by the client's zipping program. Maybe the text files are clean, but if the zipping software was infected, the resultant zip file might be infected.
I haven't read any evidence of this behavior yet, but I'm looking. We've been using this on-line spam-and-virus filtering service for over a year, and this is the first time I've had a complaint of "false positives".
Thanks in advance,
November 1, 2005 12:22 PM
November 3, 2005 10:25 AM