[clamav-users] [ext] What kind of mails is clam* checking? Only mails with attachments / mailflow
Ralf Hildebrandt
Ralf.Hildebrandt at charite.de
Thu Feb 7 13:25:38 UTC 2019
* Stefan Bauer <cubewerk at googlemail.com>:
> Dear Users,
>
> my mailflow is following:
>
> amavis -> 15-av_scanners ->
> ['ClamAV-clamd',
> \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
> qr/\bOK$/m, qr/\bFOUND$/m,
> qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
>
> What kind of mails are forwarded to clamd for scanning/checking?
Usually ALL mails.
> Or What kind mails are checked by clam*?
Usually ALL mails.
> Only mails with attachments?
amavis decomposes the mail into it's text parts and attachments and
usually scans the whose mail "as is" and the text parts and
attachments sperately.
> As clam* can also do URL checks and stuff, also mails withouth attachments
> can be infected.
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de Campus Benjamin Franklin
https://www.charite.de Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155
More information about the clamav-users
mailing list