[...]
Some people complained that ClamAV is not a 'vulnerability/exploit' scanner,[...]
but a virus scanner. This makes sense (and helps to avoid code bloat), but if
After blocking 'com' extension i absorved that many of viruses from testvirus.org had 'com' extension!!
Better i block the 'com' extension itself,atleast reducing the load on CLAM :))
Which scanner are you using? qmail-scanner scans viruses FIRST, then blocks extensions based on policy. This change was made between 1.20-rc2 and 1.20-rc3 if I remember correctly.
I'm using Exim mailserver with " exiscan-acl patch revision 14" This will block unwanted attachments first,than scans allowed attachments..
Why to scan those attachments which we won't allow!! As i seen right now clamav is only process which is taking most of CPU usage!!(Compared to other process on the server,but not a problem)
Atleast this scan reduce load on CLAMAV ;)
Better if we won't block these attachment while we are testing CLAMAV :)
-Dilip
-- I was born intelligent .... education ruined me. --------
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
