On 01.03.22 17:15, Alex via clamav-users wrote:
I have a fedora34 system with clamd-0.103.5 and amavisd/SA/postfix. I
have a newsletter from ncua.gov that keeps getting blocked because it
apparently contains links.gd in the body somewhere, although I can't
find it.
How do I exclude this email fr
Jorge Elissalde via clamav-users wrote:
Thank you for your answer.
I'm using Windows clamd release 0.104.2
I have double checked with wireshark and the data sent is ok.
suppose I just send: char *eicarTest =
"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
Result is ok: i
On Wed, 2 Mar 2022 12:35:40 -0300
Jorge Elissalde via clamav-users wrote:
> Hi,
>
> I'm using clamd to make a large data scanning using INSTREAM (data it
> is not available as files I could send to clamd). If I send only one
> INSTREAM chunk with EICAR inside it is correctly detected, but if I
Hi there,
On Thu, 3 Mar 2022, G.W. Haywood wrote:
... Perhaps you can post the output of 'clamconf -n' ...
On Thu, 3 Mar 2022, Kris Deugau wrote:
...
There are quite the proliferation of hash signatures, but ...
The only one that would match within a larger
file or datastream is the byteco
Hi,
> >How do I exclude this email from being tagged without having to bypass
> >the Heuristics.Phishing.Email.SpoofedDomain rule altogether?
> >
> >X-Amavis-Alert: INFECTED, message contains virus:
> >Heuristics.Phishing.Email.SpoofedDomain
>
> I think this can be enabled by disabling Phi
Hi there,
On Thu, 3 Mar 2022, Alex via clamav-users wrote:
The cld version was dated Sept 19th (since manually deleted) and the
cvd version is dated Sept 22nd. I'll have to see if it returns.
I suspect that the cld version was created when you updated the ClamAV
utilities from the distributio
Hi,
The weird part is that Avira and other Antivirus correctly are able to
detect EICAR in any case, having other characters before and/or after the
EICAR string.
Thank you,
El jue, 3 mar 2022 a las 12:27, Tuomo Soini via clamav-users (<
clamav-users@lists.clamav.net>) escribió:
> On Wed, 2 M
