> > By sending a base64 encoded image file in a URL an attacker could evade > > virus scanning. > It's somewhat harsh to single out ClamAV for this issue. AFAICT, the > only two virus scanners that do currently protect against this are What mail clients, if any, would execute a virus encoded in this manner? Is this a gaping hole in other mail anti-virus systems, or do most clients just ignore this kind of data?