-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 22 Aug 2003, Keith Pettit wrote:
> Hi all,
>
> I just setup clamd and it seems to be scanning ok, it picked up the test
> virus, but I can't get it to detect SoBig. I have a couple of files in
> my INBOX I know have SoBIG but it dosen't seem to be detecting them.
>
> Here is what i"m doing.
>
> -freshclam (to make sure i have the latest)
> -check to make sure /etc/clamav.conf is pointing to /usr/local/share/clamav
> -I killed all clamd process and restarted clamd -c /etc/clamav.conf
now do
cat * | formail | clamdscan -r --mbox -
or something like
find . -type f ! -exec sh -c 'formail < $0 | clamdscan -r --mbox --quiet
- -' '{}' ';' -print
which will be more scalable (globbing is not good because of the 256
argument limit), and will also print the infected files. If not run only
in cur and new it will also traverse other directories within the
maildir.. if you use courier, all your other mailboxes will also be
scanned. That's what -type f is for.
You can replace -print with -remove or -delete or whatever it is that
find takes to remove them... just be extra sure you negaetd the -exec so
that it doesn't remove the good files instead... =)
since formail takes an RFC822 message and converts it into a mailbox
entry, which is a valid mailbox intself, clamdscan will grok it with the
- --mbox flag.
> Any suggestions would be appreciated.
consider scanning with procmail though - it knows to deliver to
maildirs, and you can then split up viral mail from regular mail...
ciao ciao!
- --
Yuval Kogman ( [EMAIL PROTECTED] | [EMAIL PROTECTED] )
kung foo master: shazzambangwhaapp: neeyah!!!!!!!!!!!!!!!!!!!!!!!!!
et perl hacker. [EMAIL PROTECTED] http://nothingmuch.woobling.org/ gpg:0xEBD27418
http://wecanstopspam.org/ http://www.habeas.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
iEYEARECAAYFAj9I+RUACgkQVCwRwOvSdBjMFgCgrijiIXVsK/CdpEQUhTYDZtp6
aIoAnjc9ecrxSD5MkR91MJUH42S5glwe
=5TOl
-----END PGP SIGNATURE-----
-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
