We are running ClamAV 96.5 on Slamd64 machines with freshclam running every hour to update the virus database; Besides the official ClamAV database, we also download those from Sanesecurity, SecurityInfo, MalwarePatrol once a day.The servers run sendmail 8.14.3 with mimedefang 2.66 calling ClamAV. All messages are scanned and delivered if they are virus-free; if detected as virus-laden, the messages will be quarantined in a specific sub-directory on the same mail servers where we can retrieve to examine, if necessary.
Some users have their mail forwarded to an account on another system where Sophos is being used. Since October 28, we have been notified by the mail administrator of that system some messages forwarded from our mail servers are detected by Sophos (running on their mail server) as infected with Mal/Phish-A . Unfortunately, we do not have the infected messages since they are considered "clean" by ClamAV on our mail servers and their mail server does not keep a copy of infected messages. We are wondering if anyone else also experience this kind of problem. As ClamAV et al. name viruses differently from Sophos, we don`t know for sue if ClamAV is detecting Mal/Phish-A . Thank you very much for all your help/suggestions. Tan Bui Concordia University Montreal, Quebec Canada _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
