[clamav-users] Question about Virus DB

[Al Varnell]

That's an easy one. As I understand it's history, ClamAV was originally designed to scan incoming messages to e-mail servers. Since it's impossible to know the final destination platform of these message, they have to be screened for all possible infections. Even though ClamAV has been put to broader use today, it is still used on many e-mail servers for that same purpose today. 

Beyond that, many files are shared cross-platform. For instance, a Mac user needs to know that a file he intends to share with a friend using Windows is infected with say Ransomeware, and won't blindly send it on to somebody who trusts that Mac user.

And it would also take some effort on the part of an already overworked ClamAV Team to maintain such separate databases.  I, for one would rather they not waste their time with such an effort if it prevents them from rapidly finding and distributing new, valid signatures.

I think you will find that most all other A-V software package take a similar approach with their databases, even if they were designed to run on a single platform.

-Al-

On Sat, Nov 26, 2016 at 09:27 PM, crazy thinker wrote:
> 
> why ClamAV team providing common
> database for paltforms like windows  linux and mac os x. why not they
> provide virus database files based on platform specific. is there any
> specific reason behind this?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3573 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20161126/08d300c4/attachment.bin>