-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
If the default is to use all available virus scanners then we
should configure it to run the fastest virus scanners first.
All daemonized versions, then file::scan, then the rest.
That should speed up virus scanning, and is an easy tweak to
On Tue, 3 Feb 2004, Richard Laager wrote:
in case of outbreaks? Otherwise, it's faster than the daemonized
virus scanners isn't it?
Yes
--
Jason Englander [EMAIL PROTECTED]
394F 7E02 C105 7268 777A 3F5A 0AC0 C618 0675 80CA
___
Visit
On Tue, 2004-02-03 at 19:14, Bill Maidment wrote:
Guys
We came across a problem using virus scanners on .zip files with the
--unzip etc on clamav. One of our users decided to send a 127MB
attachment zipped to 5MB. To cut a long story short, the mail server
timed out/ran out of disk
H
We had in /usr/local/etc/clamav.conf
# Files in archives larger than this limit won't be scanned.
# Value of 0 disables the limit.
# WARNING: Due to the unrarlib implementation, whole files (one by one)
in RAR
# archives are decompressed to the memory. That's why never
Mydoom/Novarg/Worm.SCO seems to be really persistent. Despite using both
ClamAV and manual checking (for known filenames or zips with the particular
file size), one copy actually got through to my inbox this morning where it
was caught by Norton Antivirus. (Not that I would have opened it, of
Glad to see I wasn't the only one.
I tracked back through the logs to see why it got through clamd and
MD... trying to work out why one slipped into my inbox which the backup AV
caught not that I would of opened it anyway.
From the log ... The SA tagged a few things
Milter delete: header
We've had a couple like this and it turned out that the message.zip file
didn't contain the virus Maybe there's a hoax virus going around or
someone has sanitised it along the way. We've also had malformed .zip
files get through until we changed the clamav call to specifically do
--unzip
7 matches
Mail list logo