Hi all, I'm using clamav-0.98.3 with fedora20 and amavisd-new-2.8.1. I have a few questions relating to so-called ransomware (cryptolocker and the like).
Is there a specific category of patterns that are related to catching this class of attacks in email? Are they generally just phishing URLs? I'm also using the safebrowsing, sanesecurity, and securiteinfo patterns. I'm using clamav with spamassassin and amavisd. I have a few hundred whitelist entries, and I'm concerned that some of those accounts may have been compromised, and have become the source of these attacks. Is it possible to whitelist (whitelist_from_rcvd) yet still scan them for viruses/malware? In other words, not make any decisions on whether it's spam, but if a virus/malware is found, quarantine it? Thanks, Alex _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
