[clamav-users] Cannot skip OLE2 checking
Mark Foley
mfoley at novatec-inc.com
Wed Dec 21 17:43:54 UTC 2016
On Wed, 21 Dec 2016 17:34:05 Reindl Harald wrote:
>
> Am 21.12.2016 um 17:25 schrieb Mark Foley:
> > I'm running clamdscan on Maildir folders as:
> >
> > clamdscan --config-file=/usr/local/etc/clamdscan.conf --multiscan \
> > --fdpass --allmatch --stdout /home/HPRS/user/Maildir/
> >
> > I want to skip checking for OLE2 macros. The /usr/local/etc/clamdscan.conf has:
> >
> > ScanOLE2 no
> > OLE2BlockMacros no
> >
> > However, it still finds OLE2 macros:
> >
> > /home/HPRS/user/Maildir/.Deleted Items/cur/1448980384.M492273P32500.mail,S=751508,W=761365:2,S: Heuristics.OLE2.ContainsMacros FOUND
> >
> > Is this happening because there is alread a clamd running for mail queue
> > checking which has the above config settings set to "yes"?
> >
> > How can I get clamdscan to skip checking for these macros?
>
> "man clamdscan" and think about what the "d" means versus "clamscan"
>
> NAME
> clamdscan - scan files and directories for viruses using Clam AntiVirus
> Daemon
I believe I know what the "d" means. I've recently posted here with the subject
"No notice of OLE2.ContainsMacros" and got excellent information from you, in
fact.
Thinking about what the "d" means doesn't help me solve my problem. clamdscan
has an option --config-file. I would assume clamdscan would spawn another clamd
with the new option file. Is this not the case? Will the currently running clamd
be used regardless of the --config-file parameter?
--Mark
More information about the clamav-users
mailing list