Hello. I wanted ClamAV daemon to block encrypted files/archives, so I added `ArchiveBlockEncrypted yes` into config. But it works only with `--stream` flag in clamdscan:
# clamdscan encrypted.zip /.../encrypted.zip: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 0.000 sec (0 m 0 s) # clamdscan --stream encrypted.zip /.../encrypted.zip: Heuristics.Encrypted.Zip FOUND ----------- SCAN SUMMARY ----------- Infected files: 1 Time: 1.104 sec (0 m 1 s) # clamd --version ClamAV 0.99.3/24320/Fri Feb 16 12:20:55 2018 ClamAV and clamdscan runs on the same Linux machine and communicates through UNIX socket. Does anyone faced this situation? Is this by design or something, or it's a bug and I better send this mail to clamav-devel? _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
