Love the ClamAV system - 25000+ Sobig.F viruses blocked across 6 servers in 3 days. *whew*
But begs the question:
As PostMaster of these servers we are blessed with bounces, re-mails and the like WITH the viruses in them in a lot of cases.
I have most of these file types blocked by default, the bad ones, including .pif, in our system-wide procmail filter. What I am seeing is that bounced or double-bounced emails are being passed right through MailScanner and ClamAV after being scanned and wind up being blocked at the procmail level as a malicious file-type. And there have been quite a few.
Why wouldn't ClamAV and/or MailScanner find these and quarantine them just as it would the virus in a normal email? This is the Sobig.F virus, BTW. Or is something else going on?
Ideas anyone?
Jerome
ePaxsys Technical Support ePaxsys, Inc. http://www.epaxsys.net http://www.frws.com Live Text Support: http://www.epaxsys.net/live-help
------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
