Mail::SpamAssassin::Plugin::OLEVBMacro(3pm) User Contributed Perl Documentation Mail::SpamAssassin::Plugin::OLEVBMacro(3pm)
NAME
Mail::SpamAssassin::Plugin::OLEVBMacro - scan Office documents for
evidence of OLE Macros or other exploits
SYNOPSIS
loadplugin Mail::SpamAssassin::Plugin::OLEVBMacro
ifplugin Mail::SpamAssassin::Plugin::OLEVBMacro
body OLEMACRO eval:check_olemacro()
describe OLEMACRO Attachment has an Office Macro
body OLEOBJ eval:check_oleobject()
describe OLEOBJ Attachment has an Ole Object
body OLERTF eval:check_olertfobject()
describe OLERTF Attachment has an Ole Rtf Object
body OLEMACRO_MALICE eval:check_olemacro_malice()
describe OLEMACRO_MALICE Potentially malicious Office Macro
body OLEMACRO_ENCRYPTED eval:check_olemacro_encrypted()
describe OLEMACRO_ENCRYPTED Has an Office doc that is encrypted
body OLEMACRO_RENAME eval:check_olemacro_renamed()
describe OLEMACRO_RENAME Has an Office doc that has been renamed
body OLEMACRO_ZIP_PW eval:check_olemacro_zip_password()
describe OLEMACRO_ZIP_PW Has an Office doc that is password protected in a zip
body OLEMACRO_CSV eval:check_olemacro_csv()
describe OLEMACRO_CSV Malicious csv file that tries to exec cmd.exe detected
body OLEMACRO_DOWNLOAD_EXE eval:check_olemacro_download_exe()
describe OLEMACRO_DOWNLOAD_EXE Malicious code inside the Office doc that tries to download a .exe file detected
body OLEMACRO_URI_TARGET eval:check_olemacro_redirect_uri()
describe OLEMACRO_URI_TARGET Uri inside an Office doc
body OLEMACRO_MHTML_TARGET eval:check_olemacro_mhtml_uri()
describe OLEMACRO_MHTML_TARGET Exploitable mhtml uri inside an Office doc
endif
DESCRIPTION
This plugin detects OLE Macros or other exploits inside Office
documents attached to emails. It can detect documents inside zip files
as well as encrypted documents.
REQUIREMENT
This plugin requires the Archive::Zip and IO::String Perl modules.
USER PREFERENCES
The following options can be used in both site-wide ("local.cf") and
user-specific ("user_prefs") configuration files to customize how the
module handles attached documents:
olemacro_num_mime (default: 5)
Configure the maximum number of matching MIME parts (attachments)
the plugin will scan.
olemacro_num_zip (default: 8)
Configure the maximum number of matching files inside the zip to
scan. To disable zip scanning, set 0.
olemacro_zip_depth (default: 2)
Depth to recurse within zip files.
olemacro_extended_scan ( 0 | 1 ) (default: 0)
Scan all files for potential Office files and/or macros. The
"olemacro_skip_exts" parameter will still be honored. This
parameter is off by default and is needed only to run the
"eval:check_olemacro_renamed" rule. If it is turned on, consider
adjusting the values of "olemacro_num_mime" and "olemacro_num_zip"
and prepare for more CPU overhead.
olemacro_prefer_contentdisposition ( 0 | 1 ) (default: 1)
Choose whether the Content-Disposition header filename is preferred
when ambiguity is encountered while trying to get the filename.
olemacro_max_file (default: 1024000)
Limit the number of bytes that the plugin will decode and scan from
the MIME objects (attachments).
olemacro_exts (default: (?:doc|docx|dot|pot|ppa|pps|ppt|rtf|sldm|xl|xla|xls|xlsx|xlt|xltx|xslb)$)
Set the case-insensitive regexp used to configure the extensions
the plugin targets for macro scanning.
olemacro_macro_exts (default: (?:docm|dotm|ppam|potm|ppst|ppsm|pptm|sldm|xlm|xlam|xlsb|xlsm|xltm|xps)$)
Set the case-insensitive regexp used to configure the extensions
the plugin treats as containing a macro.
olemacro_skip_exts (default: (?:dotx|potx|ppsx|pptx|sldx)$)
Set the case-insensitive regexp used to configure extensions for
the plugin to skip entirely. These should only be files that are
guaranteed to be macro-free.
olemacro_skip_ctypes (default: ^(?:text\/))
Set the case-insensitive regexp used to configure content types for
the plugin to skip entirely. These should only be types that are
guaranteed to be macro-free.
olemacro_zips (default: (?:zip)$)
Set the case-insensitive regexp used to configure extensions for
the plugin to target as zip files. Files listed in the configs above
are also tested for zip.
olemacro_download_marker (default: (?:cmd(?:\.exe)? \/c ms\^h\^ta ht\^tps?:\/\^\/))
Set the case-insensitive regexp used to match the script used to
download files from the Office document.
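The extension and content-type defaults documented above, applied to a few attachment names. This is an added example, not the plugin's own code. The classify() helper, its bucket names, the order of the checks and the matching of each regexp against the whole filename are assumptions made for illustration; the sample attachments are constructed.

```python
import re

# Defaults copied from this page; the page documents them as case-insensitive.
I = re.IGNORECASE
EXTS = re.compile(r"(?:doc|docx|dot|pot|ppa|pps|ppt|rtf|sldm|xl|xla|xls|xlsx|xlt|xltx|xslb)$", I)
MACRO_EXTS = re.compile(r"(?:docm|dotm|ppam|potm|ppst|ppsm|pptm|sldm|xlm|xlam|xlsb|xlsm|xltm|xps)$", I)
SKIP_EXTS = re.compile(r"(?:dotx|potx|ppsx|pptx|sldx)$", I)
SKIP_CTYPES = re.compile(r"^(?:text\/)", I)
ZIPS = re.compile(r"(?:zip)$", I)


def classify(filename, ctype, extended_scan=False):
    """Return the bucket an attachment falls into (hypothetical helper).

    Assumptions: the checks run in this order and each regexp is matched
    against the whole filename; the page states neither.
    """
    if SKIP_CTYPES.search(ctype) or SKIP_EXTS.search(filename):
        return "skipped"
    if MACRO_EXTS.search(filename):
        return "treated-as-macro"
    if EXTS.search(filename):
        return "macro-scan"
    if ZIPS.search(filename):
        return "zip-scan"
    # Names outside every list are only examined with olemacro_extended_scan 1,
    # which is why the renamed-document rule needs that option.
    return "extended-scan" if extended_scan else "not-scanned"


# Constructed sample attachments: (filename, Content-Type).
SAMPLES = [
    ("Invoice.DOCM", "application/octet-stream"),
    ("report.xlsx", "application/vnd.ms-excel"),
    ("slides.pptx", "application/octet-stream"),
    ("notes.doc", "text/plain"),
    ("bundle.zip", "application/zip"),
    ("scan.pdf", "application/pdf"),
    ("mydoc", "application/octet-stream"),  # no dot: the defaults anchor only at the end
]

if __name__ == "__main__":
    for name, ctype in SAMPLES:
        print(f"{name:14} {ctype:26} default={classify(name, ctype):17} "
              f"extended={classify(name, ctype, extended_scan=True)}")
```

The last sample shows that the default patterns are anchored only at the end of the string, so under the whole-filename assumption a name without a dot can still match.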
perl v5.36.0 2Mail::SpamAssassin::Plugin::OLEVBMacro(3pm)