Can "Mailcleaner" be configured to let the emails through with a warning appended if ClamAV finds a problem, rather than simply blocking them? That would perhaps be safer than simply letting them through.
For example, we use procmail and clamscan-procfilter.pl (which I modified a bit from the original) on our server to scan for viruses. This filter simply adds a header line to the email if ClamAV found a virus. Then a procmail rule blocks the email if there was a virus. In your case, you could allow the email (but leave the warning) if it came from your important sender (as determined by another procmail rule). This might be a better approach as you would be informed if any emails came from your important sender that *do* contain an apparent virus (assuming hardly any do in fact contain possible viruses). On Mon, 25 Nov 2019 19:56:27 -0300 Marcelo Leães via clamav-users <clamav-users@lists.clamav.net> wrote: > Of course I understand perfectly. > But salespeople use a lot of spreadsheets with macro automation. > > I can not impact the customer business blocked everything. > Some reliable senders need to keep released. > > Just as every day I receive multiple emails from other destinations > with spreadsheets and doc files clearly to exploit vulnerabilities. > > Is there an option to implement this whitelist? > > > --- > > > Em 25/11/2019 07:47 PM, Paul Kosinski via clamav-users escreveu: > > I don't think that *not* scanning email from certain senders is a > > good idea. You may trust the person, but that doesn't mean you > > should trust their computer, or, for that matter, the relay > > computers which forward the email to you. (This is relevant since > > any TLS applies only to the individual hops -- it isn't usually > > end-to-end.) > > > > Think of it like diseases: you may fully trust your friends, but > > your friends could still pass on any colds or flu they might have > > before their symptoms become obvious. > > > > > > On Mon, 25 Nov 2019 17:39:00 -0300 > > Marcelo Leães via clamav-users <clamav-users@lists.clamav.net> > > wrote: > > > >> I'm sorry for english I'm using translator > >> > >> I use an antispam solution called Mailcleaner that comes with > >> Clamav as antivirus to scan incoming emails. > >> > >> I need to block macros in received word and excel documents, but > >> some remententes need to release this check. > >> > >> It is possible to have an exception list so that no emails or > >> domains are verified, for example: > >> > >> u...@domain.com > >> @ domain.net > >> > >> ? > >> > >> > >> --- > >> > >> > >> Em 25/11/2019 05:10 PM, G.W. Haywood via clamav-users escreveu: > >> > Hi there, > >> > > >> > On Mon, 25 Nov 2019, Marcelo Leães via clamav-users wrote: > >> > > >> >> I need to set up a whitelist with email addresses or wildcards > >> >> with domains that... > >> > > >> > Your requirements are unclear, please clarify. Are you > >> > intending to use ClamAV only for scanning mail, and if so do you > >> > wish to prevent scanning for certain senders? If so, then there > >> > are ways to do what you are asking, although I'm not sure that I > >> > would recommend it. > >> > > >> >> ... should not be verified by Clamav. > >> > > >> > I understand that you may not be writing in your first language. > >> > > >> > ClamAV does not 'verify' email addresses nor domains, but it can > >> > look into links which it finds in mail. Again, I'm not sure > >> > that I would generally recommend that. > >> > > >> >> I couldn't find any documentation available, how should I > >> >> proceed? > >> > > >> > All the documentation is available on the ClamAV Website, and if > >> > you install ClamAV on a computer, much of it will be installed > >> > there too. > >> > > >> > -- > >> > > >> > 73, > >> > Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
