Some years ago, before ClamAv had an option to follow symlinks when
recursing, I modified the source code to add an option to do that. It
was not too much work to do it once, but it got tedious to roll the
modifications forward and recompile with every new version, as I like
to keep up, even ahead
Am 05.10.2016 um 21:09 schrieb Michael Grant:
I see a ton of these too. But I also have clients who get password
protected documents all the time, so it's a bit difficult to just blanket
block all password protected documents
you don't need to - they just get a additional score in SpamAsssin
I see a ton of these too. But I also have clients who get password
protected documents all the time, so it's a bit difficult to just blanket
block all password protected documents.
However, if you look at one of these emails, virtually 100% of the virus
emails contain the password to decrypt the
Am 05.10.2016 um 20:52 schrieb Dennis Peterson:
On 10/5/16 11:37 AM, Alex wrote:
Can you explain how you configured systemd to start two instances of
the same clamd binary using different config files?
Create a second config file and give it a unique name or place it in a
different directory
On 10/5/16 11:37 AM, Alex wrote:
Can you explain how you configured systemd to start two instances of
the same clamd binary using different config files?
Thanks,
Alex
# clamd --help
Clam AntiVirus Daemon 0.99.2
By The ClamAV Team: http://www.clamav.net/about.h
Am 05.10.2016 um 20:37 schrieb Alex:
[root@mail-gw:/etc/clamd.d]$ cat scan.conf | grep OLE2BlockMacros
OLE2BlockMacros no
[root@mail-gw:/etc/clamd.d]$ cat scan-sa.conf | grep OLE2BlockMacros
OLE2BlockMacros yes
Reindl, I appreciate your input, but I can't just outright reject docs
with macr
> On Oct 5, 2016, at 1:54 PM, Alex wrote:
>
> Hi,
>
>> Are you submitting these files to ClamAV?
>>
>> http://www.clamav.net/reports/malware
>
> Not always, primarily because the response time has been too long.
> I'll try to more attentively submit them.
>
It shouldn’t be anymore. This is
Hi,
>>> [root@mail-gw:/etc/clamd.d]$ cat scan.conf | grep OLE2BlockMacros
>>> OLE2BlockMacros no
>>>
>>> [root@mail-gw:/etc/clamd.d]$ cat scan-sa.conf | grep OLE2BlockMacros
>>> OLE2BlockMacros yes
>>
>>
>> Reindl, I appreciate your input, but I can't just outright reject docs
>> with macros. We'r
Am 05.10.2016 um 20:02 schrieb Alex:
I'm using spamassassin on fedora with amavisd. Is there something that
can be done to at least tag them in some way so the end-user knows
it's a potential threat?
reject attachments with macros or add a clamd instance connected to the
clamav-sa-plugin with
Hi,
>> I'm using spamassassin on fedora with amavisd. Is there something that
>> can be done to at least tag them in some way so the end-user knows
>> it's a potential threat?
>
> reject attachments with macros or add a clamd instance connected to the
> clamav-sa-plugin with a high score as i told
Hi,
> Are you submitting these files to ClamAV?
>
> http://www.clamav.net/reports/malware
Not always, primarily because the response time has been too long.
I'll try to more attentively submit them.
Thanks,
Alex
___
Help us build a comprehensive ClamAV
Alex,
Are you submitting these files to ClamAV?
http://www.clamav.net/reports/malware
--
Joel
> On Oct 5, 2016, at 8:21 AM, Alex wrote:
>
> Hi,
> I'm starting to receive emails like this:
>
> http://pastebin.com/HpvEcT9K
>
> They're not being caught by clamav or other virus filters. Is it
Content-Type: application/octet-stream
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="Scan - 001265480.tbz2"
that beast is a valid bzip2 archive and contains a windows exceutable
does clamd not realize that as archive or sansecurity foxhole rules?
On Wed, October 5, 2016 1:21 pm, Alex wrote:
> Hi,
> I'm starting to receive emails like this:
>
>
> http://pastebin.com/HpvEcT9K
>
>
> They're not being caught by clamav or other virus filters. Is it even
> possible to catch encrypted Word docs with a virus scanner?
>
Sorry this is brief, still g
Hello,
> They're not being caught by clamav or other virus filters. Is it even
> possible to catch encrypted Word docs with a virus scanner?
A signature has been created and will be publish today on our 3rd party
signatures:
https://www.securiteinfo.com/services/anti-spam-anti-virus/improve-det
Am 05.10.2016 um 14:21 schrieb Alex:
I'm starting to receive emails like this:
http://pastebin.com/HpvEcT9K
They're not being caught by clamav or other virus filters. Is it even
possible to catch encrypted Word docs with a virus scanner?
I'm using spamassassin on fedora with amavisd. Is ther
Hi,
I'm starting to receive emails like this:
http://pastebin.com/HpvEcT9K
They're not being caught by clamav or other virus filters. Is it even
possible to catch encrypted Word docs with a virus scanner?
I'm using spamassassin on fedora with amavisd. Is there something that
can be done to at le
You have access to the source code. Make it do what you want that it does not
already do.
dp
On 10/3/16 10:05 AM, crazy thinker wrote:
Hi,
when i scanned a dirtectory using clamdscan, i could get only error and
virus file infected files status in output.but i would like to see each
file sta
On 10/03/16 19:05, crazy thinker wrote:
> Hi,
>
> when i scanned a dirtectory using clamdscan, i could get only error and
> virus file infected files status in output.but i would like to see each
> file status(including "OK" status also ) when i perform scan over sinle
> dirtectory / multiple di
19 matches
Mail list logo
