I use ClamAV not only because it costs nothing, but also, and mainly, because it is Open Source, and as such, I trust it more than I trust proprietary AV software, much of which is bloated, and some of which is reputed to do creepy things. (Not to mention there isn't very much AV software for Linux.) Our one Windows 7 machine also has Microsoft's free AV scanner for "defense in depth" because ... if you're using Windows, you pretty much have to trust Microsoft.
I not only use ClamAV to scan email, I also use it with HAVP to scan HTTP, and am even thinking about maybe setting up a MITM for HTTPS (like much commercial AV does, which is part of the reason I am suspicious of it). Since I currently can't scan HTTPS traffic, I scan everything I download via HTTPS manually, especially such critical items as Samba source. I also use ClamAV to scan removable drives. In other words, I think ClamAV is much more than just an email scanner. Paul Kosinski P.S. I compile Samba myself because I make a slight change to the way the VFS-Recycle component names versions: I name the backup of "X" to be "X.1" rather than "Copy-of-X". (That may be the Microsoft Way, but it sorts neither alphabetically nor chronologically next to "X".) On Wed, 30 Mar 2016 22:53:08 +0200 "C.D. Cochrane" <c...@post.com> wrote: > Hi, I am the new guy here so please forgive my ignorance :) But > "ClamAV is the open source standard for mail gateway scanning > software" It sure seems like a lot of people are getting hot about > FPs on files that are NOT received as emails? I keep seeing log > files, samba distributions and full Windows C:\ scans where people > complain about false positives. Shouldn't that be product other than > ClamAV doing these scans? I mean if it's not arriving in your inbox > as an attachment why are you scanning it with ClamAV? > > > >>Sent: Wednesday, March 30, 2016 at 2:18 PM > >>From: "Paul Kosinski" <clamav-us...@iment.com> > >>To: clamav-users@lists.clamav.net > >>Subject: [clamav-users] Latest samba source contains > >>Win.Trojan.Qhost-106? I just downloaded samba-4.4.0.tar.gz (the > >>latest) from samba.org, and, after downloading via HTTPS, ClamAV > >>(0.99.1/21479) reports that the gz file contains > >>Win.Trojan.Qhost-106. In particular, the single file wintest.py in > >>the subdirectory wintest is reported. > >>_______________________________________________ > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
