Hello, I have just joined the email list and would like to thank everyone in advance for their help. I have searched the archives and google until my eyes have hurt and have waited about 10 days before escelating my issue to this list.
Here is my issue. I have setup Postfix/Amavis-new/ClamAV/SpamAssassin on RedHat9, everything from source. I had someone send me an email they received with netsky.c so I could test the system. The zip file contains the file "found_id.txt.pif". Clamd is not detecting the virus when the file is passed via amavis-new. I turned on the clean logging features and verified that clamd received the file and declared it OK. I then added the ClamAV and F-Prot command line scanners as primary scanners in Amavis-new and sent the message again. Clamd did not detect the virus, neither did the command line clamscan. The F-Prot did detect the virus as Netsky.C. If I do not scan the message at all, Panda Platinum 7 running on my Win2k box detects the virus as Netsky.C. The file is definately infected with Netsky.C. I wanted to make sure my archive scanning settings were correct for clamd. I searched these email archives and found that Archive support should be turned on (it was) as well as StreamSaveToDisk (it wasn't). I tested with StreamSaveToDisk and it still did not find the virus. I scanned manually using clamscan -v yep.msg (the email message)and did not find a virus. I then ran the F-Prot command line scanner and it did find the virus. I checked to make sure I have been updating my definitions correctly and I have. Last update was Mon Feb 23 at 15:04:35 2004. (This morning) Does anyone have any insight? Am I missing something? Thanks again for your help. Ian __________________________________ Do you Yahoo!? Get better spam protection with Yahoo! Mail. http://antispam.yahoo.com/tools ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
