Some years ago, before ClamAv had an option to follow symlinks when
recursing, I modified the source code to add an option to do that. It
was not too much work to do it once, but it got tedious to roll the
modifications forward and recompile with every new version, as I like
to keep up, even ahead
Am 05.10.2016 um 21:09 schrieb Michael Grant:
I see a ton of these too. But I also have clients who get password
protected documents all the time, so it's a bit difficult to just blanket
block all password protected documents
you don't need to - they just get a additional score in
I see a ton of these too. But I also have clients who get password
protected documents all the time, so it's a bit difficult to just blanket
block all password protected documents.
However, if you look at one of these emails, virtually 100% of the virus
emails contain the password to decrypt the
Am 05.10.2016 um 20:52 schrieb Dennis Peterson:
On 10/5/16 11:37 AM, Alex wrote:
Can you explain how you configured systemd to start two instances of
the same clamd binary using different config files?
Create a second config file and give it a unique name or place it in a
different
On 10/5/16 11:37 AM, Alex wrote:
Can you explain how you configured systemd to start two instances of
the same clamd binary using different config files?
Thanks,
Alex
# clamd --help
Clam AntiVirus Daemon 0.99.2
By The ClamAV Team:
> On Oct 5, 2016, at 1:54 PM, Alex wrote:
>
> Hi,
>
>> Are you submitting these files to ClamAV?
>>
>> http://www.clamav.net/reports/malware
>
> Not always, primarily because the response time has been too long.
> I'll try to more attentively submit them.
>
It
Hi,
>>> [root@mail-gw:/etc/clamd.d]$ cat scan.conf | grep OLE2BlockMacros
>>> OLE2BlockMacros no
>>>
>>> [root@mail-gw:/etc/clamd.d]$ cat scan-sa.conf | grep OLE2BlockMacros
>>> OLE2BlockMacros yes
>>
>>
>> Reindl, I appreciate your input, but I can't just outright reject docs
>> with macros.
Am 05.10.2016 um 20:02 schrieb Alex:
I'm using spamassassin on fedora with amavisd. Is there something that
can be done to at least tag them in some way so the end-user knows
it's a potential threat?
reject attachments with macros or add a clamd instance connected to the
clamav-sa-plugin
Hi,
>> I'm using spamassassin on fedora with amavisd. Is there something that
>> can be done to at least tag them in some way so the end-user knows
>> it's a potential threat?
>
> reject attachments with macros or add a clamd instance connected to the
> clamav-sa-plugin with a high score as i
Hi,
> Are you submitting these files to ClamAV?
>
> http://www.clamav.net/reports/malware
Not always, primarily because the response time has been too long.
I'll try to more attentively submit them.
Thanks,
Alex
___
Help us build a comprehensive
Alex,
Are you submitting these files to ClamAV?
http://www.clamav.net/reports/malware
--
Joel
> On Oct 5, 2016, at 8:21 AM, Alex wrote:
>
> Hi,
> I'm starting to receive emails like this:
>
> http://pastebin.com/HpvEcT9K
>
> They're not being caught by clamav or
Content-Type: application/octet-stream
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="Scan - 001265480.tbz2"
that beast is a valid bzip2 archive and contains a windows exceutable
does clamd not realize that as archive or sansecurity foxhole rules?
On Wed, October 5, 2016 1:21 pm, Alex wrote:
> Hi,
> I'm starting to receive emails like this:
>
>
> http://pastebin.com/HpvEcT9K
>
>
> They're not being caught by clamav or other virus filters. Is it even
> possible to catch encrypted Word docs with a virus scanner?
>
Sorry this is brief, still
Hello,
> They're not being caught by clamav or other virus filters. Is it even
> possible to catch encrypted Word docs with a virus scanner?
A signature has been created and will be publish today on our 3rd party
signatures:
Am 05.10.2016 um 14:21 schrieb Alex:
I'm starting to receive emails like this:
http://pastebin.com/HpvEcT9K
They're not being caught by clamav or other virus filters. Is it even
possible to catch encrypted Word docs with a virus scanner?
I'm using spamassassin on fedora with amavisd. Is
Hi,
I'm starting to receive emails like this:
http://pastebin.com/HpvEcT9K
They're not being caught by clamav or other virus filters. Is it even
possible to catch encrypted Word docs with a virus scanner?
I'm using spamassassin on fedora with amavisd. Is there something that
can be done to at
You have access to the source code. Make it do what you want that it does not
already do.
dp
On 10/3/16 10:05 AM, crazy thinker wrote:
Hi,
when i scanned a dirtectory using clamdscan, i could get only error and
virus file infected files status in output.but i would like to see each
file
On 10/03/16 19:05, crazy thinker wrote:
> Hi,
>
> when i scanned a dirtectory using clamdscan, i could get only error and
> virus file infected files status in output.but i would like to see each
> file status(including "OK" status also ) when i perform scan over sinle
> dirtectory / multiple
18 matches
Mail list logo