Hi,
I use amavis-new and block based on file type. My users should never
get legit executables via email, so they are sent to a quarantine.
Unfortunately, we're finding those simple-minded rules are running out
of gas. :( We've seen a zip file containing an Excel spreadsheet
with a macro virus in it. ClamAV is essentially useless at detecting
viruses, so it's a real problem... any ideas?
Useless? Are you using the third-party patterns? You think it's useless
using those as well? Just not responsive enough or doesn't have the
technology to catch today's threats?
What are the threats it doesn't catch?
Thanks,
Alex
