Paul Whelan wrote: >> I think your amavis tried to decode the message, and pass only parts of >> it to ClamAV. > > In general then, clamav may only recognise some malware when it is > still attached to a mail message and not after it has been > separately stored. Is that correct?
It may or may not, depending on the message and the signature that catches it. Since clamav internally process the mail message and all its attachments anyway, having this done twice (by amavis and by clamav) is probably pointless... ---acab _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
