SMTP: .ZIP
This signature detects e-mail attachments with the extension .zip sent using SMTP. This can indicate an incoming e-mail virus. Zip files are compressed files that can contain one or more executables. Attackers can compress malicious executables within a .zip file, tricking unsuspecting users into executing the file and infecting the system. Because Zip files are frequently used for non-malicious purposes, this signature can generate false positives. As a general network security precaution, ensure that all users are aware of the dangers of sending and receiving binary files in e-mail attachments.
Short Name
SMTP:EXT:DOT-ZIP
Severity
Info
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
.ZIP
Release Date
06/03/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely