Hi all, I'm not 100% sure this is the correct list to ask this, but as the problem relates to ClamAV, I hope someone will have the answer for me.
I've got a mail filter server set up, running postfix, amavisd-new, SpamAssassin and ClamAV. This morning, it was found that a worm had somehow gotten in through this, by being in a zip file (which a user naturally opened). I have "ScanArchive" in my clamd.conf and amavisd-new *should* be set up to scan zip files, so I don't know why is would have been missed? I got a sample of the worm, and ClamAV (the online web scan) detected it (inside the zip). Any hints will be very much appreciated! Cheers, Frode Egeland _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
