Jeff Thurston wrote: >> Jeff Thurston wrote: >>> I thought ClamAV was able to catch these "Greeting Cards from family >>> member", our domain keeps getting these emails in large quantities even >>> after upgrading to ClamAV 0.90.3 recently. >>> >>> Do I need to upgrade again to .91?? I'm hesitant to do this so soon as >> it >>> was a bit of a hassle going from 0.88.4 to 0.90.3, not to mention at the >>> time I did the upgrade the website front page said that ClamAV was one >> of 4 >>> scanners able to detect the virus. >>> >>> Did I misunderstand that statement thinking it meant both the downloaded >>> payload as well as the email its self? What can I do with ClamAV to stop >> the >>> emails in the first place? >>> >>> Thanks. >> >> Get the highly regarded sane signatures: >> >> http://sanesecurity.co.uk/clamav/ >> >> Look under Usage for download scripts. >> >> MrC >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net >> http://lurker.clamav.net/list/clamav-users.html > > Thanks, done this, tested it, still getting greeting cards, enabled URL > scanning, still getting them, checked my main database version, it's > reporting > > ClamAV 0.90.3/3700/Thu Jul 19 06:13:47 2007 > > main.cvd is up to date (version: 43, sigs: 104500, f-level: 14, builder: > sven) > daily.inc is up to date (version: 3700, sigs: 34427, f-level: 16, builder: > ccordes) main.cvd is up to date (version: 43, sigs: 104500, f-level: 14, > builder: sven) > daily.inc is up to date (version: 3700, sigs: 34427, f-level: 16, builder: > ccordes)
That report doesn't include the sane security files. Where did you put phish.ndb and scam.ndb? You didn't leave them gzipped, did you? _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
