I just took your suggestion and tried it and it still does not detect the
virus. I have the original text email that I scan like follows:
./clamscan sample.txt This is a copy of the atomic-time-stamp type file in the Maildir
I do not know the format of the cvd files, I assume I would need to find The signature that matches the unzipped version and create a new entry Just like that but with the password.
Thanks Zack
I probably should have mentioned, that if you do that, you'll need to pass the --mbox parameter to clamscan (or if you use clamdscan, you need the Scanmail parameter in the config file). Such as:
clamscan --mbox sample.txt
Also make sure you have a current version of the software and have run freshclam, as the signatures you mentioned seem to be a very small subset of the current signature database. I have 72 bagle related signatures in my 0.75 distro (when I did `sigtool -l | grep -ci bagle`).
Ryan Moore ---------- Perigee.net Corporation 704-849-8355 (sales) 704-849-8017 (tech) www.perigee.net
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
