Simon Hobson wrote: > Per Jessen wrote: > >> >> It's not about not being able to scan, it's about not wanting to >>>> scan. Regardless, clamav doesn't reject or approve mails, that's >>>> for your MTA to do. >>> >>> If you use ClamAV as milter, it's up to ClamAV to tell the MTA what >>> to do so I guess there's a task for ClamAV too.. >> >>Well, I guess it depends on your point of view. Personally I see the >>MTA doing the rejection, possibly based on information from elsewhere >>(DNS, blacklists, clamav, wherever). > > This is a rather pointless argument about semantics which doesn't > answer the original question. I'll rephrase it for the pedants : > >>I see that there are ways to limit the level of archive that will be >>scanned as well as the size of the entities to be scanned. Is there >>a way for CLAMAV to then flag them as not allowed? > > Oh, I see it works without modification. Is it possible for ClamAV to > flag that the message should be rejected if it can't be scanned - > seems a reasonable question to me.
The OP started by saying "there are ways to limit the level of archive that will be scanned as well as the size of the entities to be scanned", which are performance optimizing options one can use if desired. To which I commented that it's not about a message that can't be scanned, but whether your limits allow it to be scanned. Remove the limits, and everything is scanned (presumbly only limited by hardware resources). Nonetheless, it is actually an interesting question - should/does clamav return "not-scanned-due-to-user-restriction" in such cases? /Per Jessen, Zürich _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
