I've noticed the several Viruses are getting through my mimedefang
Filter. One sample is a copy of Bounce message including the Headers,
and Multi part MIME Attachments Containing the . The Virus is
detectable with Clamscan, but not with antivir. I am not certain if
this is an issue with
On Sun, 30 May 2004, Albert Whale wrote:
I've noticed the several Viruses are getting through my mimedefang
Filter.
[...]
This message has been rejected because it has
a potentially executable attachment message.scr
This form of attachment has been used by
recent viruses
On Mon, 31 May 2004, Albert Whale wrote:
I can manually run the scanner on the mbox file and detect the virus. I
just cannot see what the difference is between a Manual Scan and an MD
Scan, given the same tools.
Enable ScanMail in your clamav.conf
--
David.
Thanks for the reply.
David F. Skoll wrote:
-- This is a copy of the message, including all the headers. --
The bounce message doesn't encapsulate the virus in a MIME message, but
just sticks the whole original message in a text/plain part. So MIMEDefang
never sees the virus, and any
David F. Skoll wrote:
Enable ScanMail in your clamav.conf
It is.
--
Albert E. Whale, CISSP - Sr. Security, Network, and Systems Consultant
http://www.abs-comptech.com http://www.No-JunkMail.com
ABS Computer
Albert Whale wrote:
David F. Skoll wrote:
Enable ScanMail in your clamav.conf
It is.
My Config info:
grep -v ^# /usr/etc/clamav.conf | sort | uniq
AllowSupplementaryGroups
ArchiveBlockEncrypted
ArchiveMaxCompressionRatio 200
ArchiveMaxFiles 1000
ArchiveMaxFileSize 10M
ArchiveMaxRecursion 5
On Mon, 31 May 2004, Albert Whale wrote:
ScanMail
Well, that's odd. Does clamdscan (not clamscan) catch it?
Regards,
David.
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
David F. Skoll wrote:
Well, that's odd. Does clamdscan (not clamscan) catch it?
Yes, I thought that it was odd as well. That's why I'm reporting it.
My original testing included both clamd and clamscan configurations in MD.
My most recent testing was with clamd disabled (so that I could
On Mon, 31 May 2004, Albert Whale wrote:
Well, that's odd. Does clamdscan (not clamscan) catch it?
Yes, I thought that it was odd as well. That's why I'm reporting it.
My original testing included both clamd and clamscan configurations in MD.
Did you run Clam on the actual MIMEDefang spool
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Yes, I thought that it was odd as well. That's why I'm reporting it.
My original testing included both clamd and clamscan
configurations in MD.
My most recent testing was with clamd disabled (so that I
David F. Skoll wrote:
On Mon, 31 May 2004, Albert Whale wrote:
My original testing included both clamd and clamscan configurations in MD.
Did you run Clam on the actual MIMEDefang spool directory, or on a copy
of the message in the quarantine?
Ok, well I don't have the original
- Original Message -
From: Albert Whale [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 30, 2004 10:44 PM
Subject: [Mimedefang] MD 2.43 - Missing Viruses
I've noticed the several Viruses are getting through my mimedefang
Filter. [...]
Has anyone else received a virus
On Mon, 31 May 2004, Chris Myers wrote:
1) The default umask for my system is 077, which means that many of the
files created by MIMEDefang are not readable by the virus scanner unless
it's running as root (on my system, I have clamav running as a member of the
defang group). MIMEDefang
13 matches
Mail list logo