Gerard wrote: > I seem to be having a slight problem with Clamav. It catches incoming an > incoming virus just fine. It also works on phishing schemes. > > From time to time, I need to send samples of various phishing schemes I > receive to others for analysis. Unfortunately, Clamav is detecting that > I am sending them as an attachment and stops the send. How can I bypass > this without totally disabling Clamav? Would it be possible to > 'whitelist' a few selected addresses.
Consider zipping them up using a password, or else use GnuPG or PGP to create a signed and encrypted attachment. You should be very careful about forwarding or resending malicious email completely live and unchanged. This being said, most of the ways that you integrate ClamAV into an email system will support whitelisting certain addresses, and I have postmaster@ and abuse@ whitelisted like that in the access map (used by sendmail or postfix), and in amavisd.conf. -- -Chuck _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
