Noel Jones wrote: > Rick Macdougall wrote: >> Noel Jones wrote: >>> Rick Macdougall wrote: >>>> Now, mail server 2 did not see the virus this morning when I checked it >>>> again but it obviously did last night when PhishingScanURLs = no. >>>> >>>> Any reason for that that you can see ? >>> clamscan doesn't use the options set in clamd.conf. >>> >> Ahh, I expressed myself poorly. >> >> clamdscan with PhishingScanURLs no did find it last night >> clamdscan with PhishingScanURLs no did not find it this morning >> clamdscan with PhishingScanURLs yes did find it after restarting clamd >> >> Only difference would be that the message I have now is a bounce but >> with the full original still attached. >> >> Regards, >> >> Rick > > All the Phishing.Heuristics.* detection code is turned off > when you have "PhishingScanURLs no", so somethings inconsistent... >
Yup, that inconsistency would be me. I forgot that the MX for server 2 is actually two external MX machines that did have the default of yes on. So the scanning occurred some where else last night, not on server 2. Sorry for the noise. Regards, Rick _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
