Thanks for the help, and introducing me to the Sane Security signatures. I was editing the wrong clamd.conf file...
Last question: when a signature match occurs, is X-Virus-Status set to Yes (in email headers)? I am guessing yes, and that X-Virus-Report gives the name of the signature match. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Noel Jones Sent: Wednesday, July 11, 2007 12:40 AM To: ClamAV users ML Subject: Re: [Clamav-users] scanPDF Usage At 07:55 PM 7/10/2007, Michael McCandless wrote: >I am using Clamav (0.90.3), compiled from source, on Fedora Core 7. I have >checked documentation, wiki, and mailing list archives. > >My clamd.conf file includes the following: > ># This option enables scanning within PDF files. ># Default: no >ScanPDF yes > >When I look at my clamd log file I see: >PDF support disabled. > >I was expecting to see "PDF support enabled". I am getting lots of spam >emails with PDF attachments, that's why I'm trying to get this option >working. I can't answer why you get "PDF support disabled", but I will tell you that enabling this will have no effect on your pdf spam. (Sure you're editing the right clamd.conf? what's clamconf say?) The SaneSecurity add-on signatures do a pretty good job of catching these pdf spams, and does not depend on clamav PDF support. http://sanesecurity.co.uk/clamav/usage.htm the pdf sigs are in the "scam" database I'm a huge fan of the SaneSecurity signatures and highly recommend them to anyone who wants to expand clamav's anti-phish & anti-scam capabilities. -- Noel Jones _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
