Oh, that's great! Good to know that clamscan does MIME processing. Is anyone aware of known bugs with clamscan's MIME processing?
Thanks for your help, Ed! Ricardo On Mon, 5 May 2003 11:58:17 -0400 (EDT) Ed Phillips wrote: > On Mon, 5 May 2003 [EMAIL PROTECTED] wrote: > > > Does clamav not take apart MIME messages? > > > > Is something like MIMEDefang necessary with clamav? > > No. We use MIMEDefang for many things (taking apart the email is just one > of those things). We also use MD for running SpamAssassin scoring on > email messages. > > ClamAV has features to take apart MIME messages, as far as I know, but > last I heard, clamd doesn't (only clamscan can do it). Support for taking > apart MIME messages in ClamAV is pretty "new", so personally, I'd wait for > the wrinkles to get ironed out before using it to take apart 100-300,000 > emails a day - but that's probably just my own paranoia. ;-) MIMEDefang > has most of its wrinkles already worked out. (MIME is a terrible thing... > and MIME-bursting software is notoriously buggy in my experience). > However, we're pretty happy to let MD do the MIME-bursting and let clamd > just scan the attachment files. > > Ed > > > > > Thanks > > Ricardo > > > > On Mon, 5 May 2003 11:45:58 -0400 (EDT) Ed Phillips wrote: > > > > > On Mon, 5 May 2003 [EMAIL PROTECTED] wrote: > > > > > > > Thanks Ed! > > > > > > > > So you use clamd + clamdscan, and information is kept in the > clamd log. > > > > > > Actually, we use clamd + MIMEDefang (which takes apart email messages, > > > tells clamd to scan them, then checks the results)... > > > > > > > Is there any way to know what viruses were found other than > having to > > > > look at the clamd log? > > > > > > I don't know. I thought clamscan printed out the same kind of message > > > that clamd did... but I don't use clamscan much. > > > > > > Ed > > > > Ed Phillips <[EMAIL PROTECTED]> University of Delaware (302) 831-6082 > Systems Programmer III, Network and Systems Services > finger -l [EMAIL PROTECTED] for PGP public key
