Mon, Oct 27, 2003 at 04:28:40PM +0300, you(Sergey V. Burchu) wrote: > Hello where. > Hope this will help: > > Here (http://joker.botik.ru/~sayd/tmp/letter.tar.bz2) are 3 files:
Oops.. I'm sorry, I forgot something. Archive can be found here: http://up.botik.ru/~sayd/tmp/letter.tar.bz2 > 1) abram -- original file I have, this a returned mail from mailer-daemon > with infected mail inside. > 2) Mail delivery failed_ returning message to sender.eml -- infected mail > which is inside (1). > 3) readme.exe -- Worm.BugBear.B infected. > > So I have that 3 files, here is result of scanning: > > sayd:~> clamdscan abram > /home/sayd/abram: OK > > ----------- SCAN SUMMARY ----------- > Infected files: 0 > Time: 0.046 sec (0 m 0 s) > > sayd:~> clamdscan Mail\ delivery\ failed_\ returning\ message\ to\ sender.eml > /home/sayd/Mail delivery failed_ returning message to sender.eml: OK > > ----------- SCAN SUMMARY ----------- > Infected files: 0 > Time: 0.023 sec (0 m 0 s) > > sayd:~> clamdscan readme.exe > /home/sayd/readme.exe: Worm.BugBear.B FOUND > > ----------- SCAN SUMMARY ----------- > Infected files: 1 > Time: 0.004 sec (0 m 0 s) > > Here is my config: > LocalSocket /var/run/clamd.ctl > ScanArchive > StreamSaveToDisk > ArchiveMaxRecursion 5 > ArchiveMaxFiles 1000 > ArchiveMaxFileSize 10M > ThreadTimeout 180 > MaxThreads 5 > MaxConnectionQueueLength 15 > PidFile /var/run/clamd.pid > DataDirectory /var/lib/clamav/ > SelfCheck 3600 > LogFile /var/log/clamd.log > LogTime > ScanMail > > > I use Debian unstable if it can help. -- Burchu Sergey. ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
