----- Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem <[EMAIL PROTECTED]> wrote: > Is their any way to tell Clamav to look at a file > before it is considered a Virus? > > I got a call from a customer who said that Zip files > are getting intercepted by clamav and are defaulting them as a virus.
It depends on what you have configured ClamAV to do. You can configure ClamAV to: * Consider all password protected archives are infected (assume they are infected because they can't be checked) (ArchiveBlockEncrypted) * Consider all archives over a certain size to be infected. (ArchiveBlockMax) So what have you configured ClamAV to do? Good thing you run ClamAV too, as you are also using the root@ account to send (and probably) e-mail. That's generally a bad idea. I think ClamAV can detect most mail bombs, but you but should probably not rely on ClamAV as your only security against a complete server compromise. Tom _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html