[clamav-users] Antispam with Clamav whitelist

Marcelo Leães marcelo at eth1.com.br
Mon Nov 25 22:56:27 UTC 2019 

Of course I understand perfectly.
But salespeople use a lot of spreadsheets with macro automation.

I can not impact the customer business blocked everything.
Some reliable senders need to keep released.

Just as every day I receive multiple emails from other destinations with 
spreadsheets and doc files clearly to exploit vulnerabilities.

Is there an option to implement this whitelist?


---


Em 25/11/2019 07:47 PM, Paul Kosinski via clamav-users escreveu:
> I don't think that *not* scanning email from certain senders is a good
> idea. You may trust the person, but that doesn't mean you should trust
> their computer, or, for that matter, the relay computers which forward
> the email to you. (This is relevant since any TLS applies only to the
> individual hops -- it isn't usually end-to-end.)
> 
> Think of it like diseases: you may fully trust your friends, but your
> friends could still pass on any colds or flu they might have before
> their symptoms become obvious.
> 
> 
> On Mon, 25 Nov 2019 17:39:00 -0300
> Marcelo Leães via clamav-users <clamav-users at lists.clamav.net> wrote:
> 
>> I'm sorry for english I'm using translator
>> 
>> I use an antispam solution called Mailcleaner that comes with Clamav
>> as antivirus to scan incoming emails.
>> 
>> I need to block macros in received word and excel documents, but some
>> remententes need to release this check.
>> 
>> It is possible to have an exception list so that no emails or domains
>> are verified, for example:
>> 
>> user at domain.com
>> @ domain.net
>> 
>> ?
>> 
>> 
>> ---
>> 
>> 
>> Em 25/11/2019 05:10 PM, G.W. Haywood via clamav-users escreveu:
>> > Hi there,
>> >
>> > On Mon, 25 Nov 2019, Marcelo Leães via clamav-users wrote:
>> >
>> >> I need to set up a whitelist with email addresses or wildcards with
>> >> domains that...
>> >
>> > Your requirements are unclear, please clarify.  Are you intending to
>> > use ClamAV only for scanning mail, and if so do you wish to prevent
>> > scanning for certain senders?  If so, then there are ways to do what
>> > you are asking, although I'm not sure that I would recommend it.
>> >
>> >> ... should not be verified by Clamav.
>> >
>> > I understand that you may not be writing in your first language.
>> >
>> > ClamAV does not 'verify' email addresses nor domains, but it can
>> > look into links which it finds in mail.  Again, I'm not sure that I
>> > would generally recommend that.
>> >
>> >> I couldn't find any documentation available, how should I proceed?
>> >
>> > All the documentation is available on the ClamAV Website, and if you
>> > install ClamAV on a computer, much of it will be installed there
>> > too.
>> >
>> > --
>> >
>> > 73,
>> > Ged.
> 
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list