Anders,
without the ASSP_AFC plugin the size of the scanned mail body is
restricted to MaxBytes or ClamAvBytes - but to a max of 100000 Byte.
The AFC plugin parses the MIME parts and submits each full part to the
scanner.
Thomas
Von: Anders Westin <[email protected]>
An: ASSP development mailing list <[email protected]>,
Datum: 18.06.2012 15:45
Betreff: Re: [Assp-test] Help needed with setting up Filescan on
Linux system
Hi Colin
Thanks for your answerer
what is your setting on ClamAvBytes, mine is 100000
The reason of my questions is that I have a mail with two attachment that
is 825 Kb each and both those attachments passed through ASSP
but when i scan the attachments later with Clamdscan i found the following
viruses. just because of the ClamAvBytes they was not detected.
DepositTTCopy(1).exe: BC.Heuristic.Trojan.SusPacked.TMS FOUND
DepositTTCopy(2).exe: BC.Heuristic.Trojan.SusPacked.TMS FOUND
From: Colin <[email protected]>
To: [email protected],
Date: 2012-06-18 14:21
Subject: Re: [Assp-test] Help needed with setting up Filescan on
Linux system
From my understanding you do not need to use Filescan if you have
configured ClamAV to use a TCP port or socket.
When using ClamAV, ASSP hands the files to ClamAV and ClamAV hands the
result back. Filescan is for other antivirus solutions where you need to
write the file to a directory, have it scanned (by resident shield or by
running FileScanCMD) and then process the result.
At least that is how mine is configured and it blocks viruses with ClamAV
All the best,
Colin.
On 18/06/2012 12:45, Anders Westin wrote:
> Hi all
>
> Has some one setup and using the Filescan in ASSP V2 on a Linux(debian)
> system with Clamav?
> I alredy using the Clamav UseAvClamd
>
> I would be very pleased if anyone can post the settings for the
following
> variables, I´ve searched mail archives and can´t find anything about
this
> setup
> FilescanCMD
> FilescanGood
> FilescanBad
> FilescanRespRe
>
> /Anders
>
>
_________________________________________________________________________________________________________________________________________________
> NOTICE: This email and any attachments are for the sole use of the
intended recipient(s) and may contain confidential and privileged
information.
> Any unauthorized review, use, disclosure or distribution is prohibited.
> If you are not the intended recipient, please notify the sender by reply
email and destroy the original message.
>
------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond.
Discussions
> will include endpoint security, mobile security and the latest in
malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Assp-test mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/assp-test
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
_________________________________________________________________________________________________________________________________________________
NOTICE: This email and any attachments are for the sole use of the
intended recipient(s) and may contain confidential and privileged
information.
Any unauthorized review, use, disclosure or distribution is prohibited.
If you are not the intended recipient, please notify the sender by reply
email and destroy the original message.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
