Hanford, Seth wrote:
Well, clamscan is being called from the Clamassassin script. Are you saying I should call clamscan with the --mbox option in that script?clamav.conf is used by clamd for configuration parameters. Try running clamscan --mbox to get the detection. It _may_ not work because of the definition of EICAR, which IIRC is fairly strict and has the "virus" starting at the very beginning of the file. It should work with clamscan --mbox with EICAR attached, as opposed to being in the body of the message.
Maybe I should try starting with an original clamav download instead of using apt-get and whatever comes with the Debian dist. Isn't it a problem that I don't even have clamav.conf?? I'll see if I get any other responses/ideas before proceeding. THANKS! - John2. I don't seem to have anything related to clamd - Why? How to run
clamd? My system has no knowledge of clamd or clamdscan. Differences
between running clamd vs clamscan? I have a low volume machine.
Clamd is probably not necessary on a low-volume machine, but it allows faster scanning through local Unix sockets, or for shared scanning via TCP sockets. You should be ok to run clamscan --mbox; if you notice a slowdown in mail, look for .deb's with clamd (assuming that, like some distributions, they have been separately packaged.)
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
