> Hi team ,
> We are using clamAVClient for scanning pdf and xlsx files in our Java
> program. We came across the query,
> does clamAV scan password protected pdf file or not? If yes ,
> how we can restrict it? Kindly suggest. Best regards, Nahin Bagwan
How do you expect ClamAV to know the passwor
Thomas Barth via clamav-users writes:
> After restarting the clamav-daemon it has found another MBL_x
> with the same decoded signature. I dont know how many virus names for
> that domain exist. Because it can take up to a minute to check the
> "virusmail" (cpu too slow?) So I better a
"G.W. Haywood via clamav-users" writes:
> Hi there,
>
> On Thu, 29 Apr 2021, Robert Kudyba wrote:
>
>> ... no error(s) when I just ran it manually.
>
> There are lots of things in the script which look likely to cause
> issues, so I'd have expected something:
>
> 1. Is your Perl interpreter in /u
Robert Kudyba writes:
> >> next if /^MBL_\d+:0:\*:68747470733a2f2f64726976652e676f6f676c652e636f6d$/;
> next if /^MBL_\d+:0:\*:68747470733a2f2f646f63732e676f6f676c652e636f6d$/;
>
> You could do better with a regex, see the excellent Perl documentation.
>
> So what's the syntax to use || (or)
Robert Kudyba writes:
> [1:text/plain Show]
>
>
> [2:text/html Hide Save:noname (3kB)]
>
> How would you make this work for docs.google.com as well?
>
> the following regex corresponds to https://drive.google.com
> next if /^MBL_\d+:0:\*:68747470733a2f2f64726976652e676f6f676c652e636f6d$/;
If I r
Robert,
In the configuration file user.conf for ClamAV-unofficial-sig, I set the
following variable:
clamd_reload_opt="/usr/local/bin/clamav-unofficial-sigs-post.pl"
And the script is attached below.
Best regards,
Olivier
clamav-unofficial-sigs-post.pl
Description: Binary data
--
Hi,
Robert Kudyba writes:
> [1:multipart/alternative Hide]
>
>
> [1/1:text/plain Show]
>
>
> [1/2:text/html Hide Save:noname (3kB)]
>
> Since the signature name has .UNOFFICIAL and starts with MBL I believe that's
> Malware Block List. I've
> submitted a sample to fp (at) malwarepatrol.net. Is
Hi,
> Using clamav-milter 0.103.1 with sendmail on Fedora 33, we had several emails
> quarantined with
> the MBL_82485625.UNOFFICIAL. All they contained was a link forwarded as an
> attachment of a
> Google Drive folder. I reported this to the false positive at SaneSecurity
> address. I also ad
Hi
> I would like to know what would be the best way to do a virus scan of changed
> or new files only. I
> want to run a daily scan of changed and new files during weekdays and run a
> full scan on
> weekends.
>
> I did some search and was able to find a few ways of doing it but I would
> also
Hi,
Is there a way for clamscan and clamdscan to show the cofiguration they
are using?
I am having a different result if a scan the same file with clamscan and
clamdscan.
The error with clamdscan comes down to Heuristics.Limits.Exceeded FOUND
bit not really saying what size is exceedded nor what
Hi,
I have a virus signature that triggers on some of my daily system
security emails. This is not an official ClamAV signature, so my purpose
is not to complain here.
The signature file is a .ndb format and the specific signature is:
BAD_RULE:0:*:3139332e3232382e39312e313233
How can I decode t
> What's the reason for segregation? You can easily add your own
> unofficial signatures to the regular directory to have ClamAV use them
> all.
Just to keep the things clean.
> Otherwise you will have to run two occurrences of ClamAV pointing to
> those two directories.
No, i would like to have
Hi,
I want to define some personal rules for ClamAV. But I would like to
keep these rules into a subdirectory of the general database directory:
I waht to have /var/lib/clamav for the normal virus definitions and
/var/lob/clamav/local for my own definition.
But it seems that ClamAV only reads th
13 matches
Mail list logo
