Hi > I have a serious issue with the current way virus samples are submitted. Right now, many viruses, such as the currently-spreading jpeg virus (see http://www.easynews.com/virus.txt) are detected by 0.80rc# or by some CVS version. But we can't be expected to run those on production servers. > Yes, I understand that 0.7x can't do a heuristic check for the jpeg exploit. However, it *can* look for this particular file (get your free copy from http://easynews.com/virus/virus-jpeg.zip), and a signature should be released. > This is not an isolated case. The virus submission page must be changed to run the latest RELEASED version of clamav.
I totally agree. It is great to know, that some soon coming version will detect things better and can detect generic problems instead of single viri only. However I have somehow the feeling, that right now our servers are under attack and we are left in the rain alone. Maybe, development could be split into two parts: engine and program host. Then updates to the engine (to accomodate new virus signature types) could be added, while the program can be developed more slowly. I like clam-av very much, but knowing, that I got a virus that was happily detected by McAfee some weeks ago and that I tried to submit to the clamav team, is still not detected by my server and may still hit my customers is a nightmare. Regards, Steffen
smime.p7s
Description: S/MIME cryptographic signature
