[clamav-users] Low detection rate

Steve Hill steve at opendium.com
Mon Mar 3 07:28:02 EST 2014


I'm using clamd together with exim under Scientific Linux 6.3 and I'm 
having problems with Clam not detecting many viruses - in fact, looking 
back through the logs it basically only seems to be finding a few 
phishing emails.

Other virus scanners are picking up a number of viruses which are being 
allowed through by clam - for example, 
http://persephone.nexusuk.org/~steve/eticket_ba_70391830.doc is 
identified as CVE_2010_3333 by a number of other scanners, but clam says 
it's clean (I've now submitted this to the sendvirus page on the website).

I'm using ClamAV 0.98.1 from the EPEL repository and as far as I can 
tell my virus signatures are up to date:
# freshclam
ClamAV update process started at Mon Mar  3 12:25:40 2014
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, 
builder: neo)
daily.cld is up to date (version: 18526, sigs: 719612, f-level: 63, 
builder: neo)
bytecode.cld is up to date (version: 236, sigs: 43, f-level: 63, 
builder: dgoddard)

I'm not sure how to go about debugging the problem - any advice would be 
welcome.

Thank you.

-- 
  - Steve Hill
    Technical Director
    Opendium Limited     http://www.opendium.com

Direct contacts:
    Instant messager: xmpp:steve at opendium.com
    Email:            steve at opendium.com
    Phone:            sip:steve at opendium.com

Sales / enquiries contacts:
    Email:            sales at opendium.com
    Phone:            +44-844-9791439 / sip:sales at opendium.com

Support contacts:
    Email:            support at opendium.com
    Phone:            +44-844-4844916 / sip:support at opendium.com



More information about the clamav-users mailing list