I'm running clamAV 0.67 - amavis new with this config: LogFileMaxSize 100M LogTime PidFile /var/run/clamd.pid LocalSocket /tmp/clamd FixStaleSocket MaxConnectionQueueLength 30 StreamSaveToDisk StreamMaxLength 10M MaxThreads 10 MaxDirectoryRecursion 15 User amavis AllowSupplementaryGroups ScanMail ScanArchive ScanRAR ArchiveMaxFileSize 10M ArchiveMaxRecursion 5 ArchiveMaxFiles 1000
and freshclam: DatabaseDirectory /var/lib/clamav UpdateLogFile /var/log/freshclam.log DatabaseOwner clamav DatabaseMirror database.clamav.net MaxAttempts 3 Checks 48 NotifyClamd
All is running well when I scan a mail with Worm.Bagle.F-zippwd-3: [EMAIL PROTECTED] tmp # clamdscan dam.eml /tmp/dam.eml: Worm.Bagle.F-zippwd-3 FOUND
----------- SCAN SUMMARY ----------- Infected files: 1 Time: 0.057 sec (0 m 0 s)
[EMAIL PROTECTED] tmp # clamscan dam.eml dam.eml: Worm.Bagle.F-zippwd-3 FOUND
----------- SCAN SUMMARY ----------- Known viruses: 20372 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.02 MB I/O buffer size: 131072 bytes Time: 1.569 sec (0 m 1 s)
BUT when I send (to me) this mail with no modification it isn't detected, and just this virus (SomeFool,Bagle etc are successfully deleted) pass! (I receive the mail with the virus). I really don't understand because clamd successfully noticed the db update (and I tried to restart it, no effects) and there's just a pb with this virus.
Many thanks, because ClamAV is one of the best AV nowadays.
Damien GOUJU
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
