Some updates on what I've posted a few weeks ago:
That time I was complaining about SomeFool.P passing through my ClamAV server and getting caught by NAV on the Exchange server (as [EMAIL PROTECTED]). I was encouraged to update to the latest ClamAV, which I did and now I'm running version 0.75.1.
Still, about 4-5 times a day, NAV detects [EMAIL PROTECTED] I repeat, NAV/Exchange server is behind my RH Linux/ClamAV machine which is supposed to do all filtering (AV/Spam) until it passes the mails to the Exchange. I saved a copy of the worm detected by NAV and submited to COSS which detects it as SomeFool.P. Further more, I resent the worm copy from a different location back to the ClamAV server which, this time, detects it! Same thing happens with SomeFool.Q. These 2 worms are the reason for keeping NAV as backup scanner...
The good thing is that SA tags these messages infected with SomeFool.P/Q as spam and detects a windows executable as show in this report:
-------------------------------------------------------------------------------------------------
2.0 VIRUS_WARNING_EXE1 BODY: Message appears to contain a Windows executable
-------------------------------------------------------------------------------------------------
Maybe the issue it's not related to ClamAV, maybe QS it's not triggered properly...
Thanks for any help,
Arthur
------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
