[clamav-users] ClamAV+exim: scanner finds not a single malware
Michael D. L.
clamav at cosis.dk
Mon May 23 12:24:45 UTC 2016
On 05/23/2016 01:43 PM, Michael Heseltine wrote:
> Hello all,
> I have recently modified my exim (4.82) configuration so that all
> messages pass through clamav (0.99.2) first. Anything labeled as
> malware should be rejected while the incoming SMTP connection is still
> open (using an *acl_smtp_data* in exim).
>
> But so far, this setup has not detected a single malware. All messages
> pass though without any notices:
>
Hi Michael,
I made a similar inquiry last week (Signature update schedule, and
requirements for adding Signatures) - this was the responses:
My 2 cents would be that rapid traditional signature updates are not a viable solution to this long term problem. I'm pretty sure the current generation of Locky, Dridex, Nemucod, etc. ransomware is generated using millions of tiny mutations so that almost every email attachment has a unique signature. There is no way to keep up with that. ClamAV got more than a million virus samples per day, last time I inquired.
...Chris
Best Regards
Michael
More information about the clamav-users
mailing list