On Wed, Mar 03, 2004 at 11:11:19AM -0500, Derek J. Balling wrote: > > On Mar 3, 2004, at 11:06 AM, Antony Stone wrote: > > As far as I'm aware, all of these tests do not actually involve > > viruses (or > > even the Eicar test virus) - therefore you wouldn't expect an > > Anti-Virus > > program to be triggered by them. They are tests of other things to > > do with > > email which a mail server administrator might well want to restrict. > > > > MailScanner, for example, as a wrapper around ClamAV, deals with a > > number of > > these, but it is inappropriate to expect the Anti-Virus engine ClamAV > > to do > > them itself. > > I would expect clamav-milter, since it's distributed as part of the > package, and it *does* directly deal with the message itself, to handle > them... and it doesn't. > > D > > > > --__--__--
I tried the set of tests too, and indeed, ClamAV misses a number of them. But so does McAfee on the mail server. Only once the test virusses reach the windows desktop does McAfee on-access scanner detect them. In other words: the outlook vulnerabilities seem to be necessary to turn those messages into detectable eicar test strings. David Jansen ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
