[clamav-users] making clamdscan noisier when it has found something
Dennis Peterson
dennispe at inetnw.com
Fri Feb 12 20:59:13 UTC 2016
The most useful information I get is from the milter (J-Chkmail) that manages
scanning via clamd.
Sun Feb 7 05:57:59 2016 -> /var/spool/jchkmail/56B74D61.000.0000:
Sanesecurity.Foxhole.Zip_doc_js.UNOFFICIAL FOUND
The serial number maps directly to the message id in sendmail's log which has
the transaction information.
dp
On 2/12/16 8:22 AM, Gene Heskett wrote:
> Greetings;
>
> Currently it spits out a one line message to the logfile when it has
> found something, and when procmail see's the NZ return, the incoming
> mail is placed in a holding file. But it contains zero information that
> would give a clue as to where the infected mail came from.
>
>
More information about the clamav-users
mailing list