Hi All,
There's probably a very simple explanation for this.
However, would anybody have any idea why my clamd cannot spot MyDoom.G
within a message yet clamscan --mbox can?
My clamd is working for 99% of emails, is all up to date (must be for
clamscan to see the virus in the first place), and
> There's probably a very simple explanation for this.
Ignore me, there is!
It seems clamd had not reloaded it's virus db since the last update, it now
detects the virus fine after I restarted the daemon.
Stuart.
---
This SF.Net email is s
We need to be able to notify our users that we deleted their infected
messages, but I'm tired of my queue being crufted up with bounced virus
notifications to fake senders. Yet setting infected_action = reject is the
only thing that is giving my users the notification they want. :-/
JR,
Hi all,
RAV caught a bounced message sample containing Worm.SomeFool.Gen-2
(Netsky.B) but neither clamd or 'clamdscan --mbox' could find the infection,
I presume this is an issue with the MIME handling?
When I rip out the attachment manually it detects the virus fine.
Shall I submit the sample
Title: Iframe messages
Hi All,
What’s the consensus about messages with embedded iframe links?
They look like a great potential for viral activity because they can be used to auto-download viruses, etc.. The reason I ask is my secondary AV caught a couple of messages that got past clam that w
waited a bit, and another "Worm.SomeFool.Gen-1" snuck thru ...
Are these messages that get through bounced delivery reports by any chance?
I think there is an issue with defanging on the current cgpav that means
it doesn't treat certain types of bounce messages properly before
passing them to c
I'm behind the Clam team in that they focus on getting sigs out before
worrying about the name.
I don't know if this is a technical limitation of the virus db's (and
not sure if this has been mentioned previously, sorry) but what's to
stop the name of the virus being changed in the virus db onc
