Hello, I'm trying to prevent some OLE based attacks with Amavisd-new + Clamav filtering, but setting Clamav to reject every single OLE document is doomed to failure: our users need to receive legitimate documents using OLE.
So I would like to setup Amavisd+Clamav so that when an attachement includes an OLE (ie. when Heuristics.OLE2.ContainsMacros is triggered) I get proper notification in logs for example and the message gets delivered to its recipients, unless of course something else is triggered. I've tried the solution exposed in <https://lists.amavis.org/pipermail/amavis-users/2019-September/005906.html> but I'm not using any policy_bank on my MX servers and I failed to adapt the config snippet to make it work. Any help appreciated! Tnanks Patrick (I'm subscribed to digest, feel free to Cc me when you reply, thanks)