We think we're having a problem with one of our mailservers whereby user's PC's are getting hit with viruses. All mailservers have had ClamAV recently updated to version 0.102.4. The logs at /var/log/qmail/smtp and /var/log/qmail/submission show that ClamAV is indeed analyzing emails and attachments so we're trying to figure out how these viruses are getting through. We do see that most 'Virus Drops' are due to spoofed domains. Very, very few are noted as Trojans or actual viruses.
Can anyone share the results of: grep simscan /var/log/qmail/smtp/current|tai64nlocal |less showing that clamav is finding actual viruses? Any thoughts or suggestions would be appreciated. Jeff
