I seem to be having some virii sneaking past my clamAV net. they all come as bounces from a remote qmail server that has it's own sender envelope with headers and a message containing a reason for the mail getting rejected with something like:
Hi. This is the qmail-send program at email.seznam.cz.
I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
Then it's shortly followed up with a:
--- Below this line is a copy of the message.
and then the complete original message, headers and all, is included. It's the original message that has the virus, (in all cases it's MIME encoded) and for some reason, when the double headers are in place, neither clamd or clamscan can figure out that it's a virus. If you edit the file, and remove the extra envelope, then clamav picks it up just fine.
Any thoughts on how I can fix/work around this??
-= Jay =-
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
