On Jun 29, 2011, at 6:04 AM, polloxx wrote: > On Wed, Jun 29, 2011 at 11:45 AM, Henrik K <h...@hege.li> wrote: >> On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby wrote: >>>> On Wed, 29 Jun 2011 11:24:24 +0200 >>>> polloxx <poll...@gmail.com> wrote: >>> >>>> Are there other user with the same problem? Any solution? >>> >>> I have the same problem. >>> I manage a mail server used by a vendor of DHL. >>> >>> Pretty annoying as far as all emails from DHL are sensible and >>> important for the suers :-) >>> >>> Unfortunately, I have found no solution... yet. >> >> So your users receive lot of legimate exes? >> > > It was a zip file. > >> If you are expecting ClamAV to be a 0day magic tool without having lots of >> other defences (spamassassin etc) and lots of custom rules, then yes, there >> is no solution. >> > > The virus was found Monday morning. According to Virus Total 31/41 > engines do detect it. Unfortunately Clamav did not.
winnow.malware and other portions of sanesecurity's distributed unofficial rules will probably detect those. Tom _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml