[clamav-users] Cannot skip OLE2 checking
Reindl Harald
h.reindl at thelounge.net
Thu Dec 22 10:06:16 UTC 2016
Am 21.12.2016 um 18:43 schrieb Mark Foley:
> On Wed, 21 Dec 2016 17:34:05 Reindl Harald wrote:
>>
>> Am 21.12.2016 um 17:25 schrieb Mark Foley:
>>> I'm running clamdscan on Maildir folders as:
>>>
>>> clamdscan --config-file=/usr/local/etc/clamdscan.conf --multiscan \
>>> --fdpass --allmatch --stdout /home/HPRS/user/Maildir/
>>>
>>> I want to skip checking for OLE2 macros. The /usr/local/etc/clamdscan.conf has:
>>>
>>> ScanOLE2 no
>>> OLE2BlockMacros no
>>>
>>> However, it still finds OLE2 macros:
>>>
>>> /home/HPRS/user/Maildir/.Deleted Items/cur/1448980384.M492273P32500.mail,S=751508,W=761365:2,S: Heuristics.OLE2.ContainsMacros FOUND
>>>
>>> Is this happening because there is alread a clamd running for mail queue
>>> checking which has the above config settings set to "yes"?
>>>
>>> How can I get clamdscan to skip checking for these macros?
>>
>> "man clamdscan" and think about what the "d" means versus "clamscan"
>>
>> NAME
>> clamdscan - scan files and directories for viruses using Clam AntiVirus
>> Daemon
>
> I believe I know what the "d" means. I've recently posted here with the subject
> "No notice of OLE2.ContainsMacros" and got excellent information from you, in
> fact.
>
> Thinking about what the "d" means doesn't help me solve my problem. clamdscan
> has an option --config-file. I would assume clamdscan would spawn another clamd
> with the new option file. Is this not the case? Will the currently running clamd
> be used regardless of the --config-file parameter?
when someone says "man clamdscan" than do "man clamdscan" and read it
really - the options above belongs in the configuration of clamd - period
DESCRIPTION
clamdscan is a clamd client which may be used as a clamscan
replacement. It accepts all the options implemented in clamscan but most
of them will be ignored because its scanning abilities only depend on clamd.
More information about the clamav-users
mailing list