> People have been doing that kind of thing for years, I'm not sure how > much it's increasing. Most of the time it seems to me they don't know > why they're doing it nor even, if there is something in there to find, > how likely it is that a ClamAV scan will find it.
I know people have been scanning their entire systems all these years. I was referring to just casually observing recently more people "posting on the mailing list" about when they do a full scan on their system. > Although we share files with Windows platforms we really > only use ClamAV to scan mail. I guess we're as untypical of a ClamAV > user as you'll get. I only use ClamAV to scan email on my linux box. To me that seems like the most common / typical use. > Even so, ever since we took to rejecting > mail based on things like geography it really is just the occasional > catch. Yep, other measures for me too has meant that ClamAV *might* get one hit a day, which typically is a 3rd party phishing signature. I'm sure if ClamAV didn't catch it the email would still have been flagged and deleted as spam from other measures. > It's a while since I looked at this, so I did a few 'grep's on 'daily': You inspired me to take a look at the signature files, and using sigtool to unpack them I browsed each of them (not really sure what each file does) and indeed there are lots of signatures labeled Unix & Multios and such. Looks like I might run a manual scan on the file system and see what happens. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
