So I'm slightly stupid... I now know that clamscan doesn't seem to read
the options in /etc/clamd.conf but clamdscan does (or rather clamd
does), but of course you have to restart clamd after changing a value.
Obviously "must try harder" as they used to say at school.
FAS
Francis Stevens wrote:
I don't feel so stupid now... I've set ArchiveMaxCompressionRatio to 0
to disable the limit and I still get the "Oversized.zip FOUND" message
with clamscan and clamdscan. With clamscan I can use --max-ratio=0 and
everything is OK but I'm actually using amavisd-new so this isn't an
option. Anyo
If only I'd waited a bit longer... I now find the answer to my own
question in the FAQ (should have looked first... a case of engaging the
maillist before the brain... sorry). I post the correct answer here in
case anyone else is a stupid as me!!
#
I get many false positives of Oversized.zip
Since I upgraded to 0.80 I am seeing many false positives for the
Oversized.zip virus, I have posted samples at the ClamAV website but in
the mean time is there a way of removing the signatures for this virus
from my copy of the database?
FAS
___
http
