fchan wrote: > I read your links and I understand possible DoS and other issues but > to repeat Alexandre's idea, why is there no error message for file > that are too large to notify the admin so they can adjust clamd.conf > or other action. Right now this infected file passes through like if > it was not infected which would be dangerous under certain conditions. > IMHO this file shouldn't pass through clamav without any error message. > > Frank
What would the error message say? There was no error in my view. The file was larger than what the OP was willing to test so it was not tested (if I understand it correctly). As such it is accepted at risk. It is the OP's job to decide what else to do with files that are accepted at risk. That may require yet another milter or other process spawned by procmail, for example. dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
