Hello again, On Sat, 23 Jan 2021, Chaminda Indrajith via clamav-users wrote:
... I have the evidence that Clamd finds threats, but it cannot detect some of the threats
As I said this is not unusual. From my experience I would say that of all the threats that I see, ClamAV will typically detect a few tens %. It's possible with some effort to 'tune' detection to your particular mail profile but it's really a moving target. If you have something like a repeat offender sending lots of malicious mail it's usually easy to educate ClamAV to block it.
I will share the complete messages that stored by MailScanner and I will share the FTP access details separately. ...
I will let you have a private email address to send the access details. Do not worry if messages to the private address are rejected, filtering of our mail is extremely unforgiving.
How can I share the threats with ClamAV Team. Can I share the same FTP access details
The best ways are either to use the 'clamsubmit' utility or the Web page which I mentioned in one of my earlier replies. The ClamAV team will be unlikely to make effective use of your FTP server - it would be too time-consuming for them to use a different method of collecting samples from each and every ClamAV user.
Thanks again for your great explanation and support.
I'm glad it's useful! -- 73, Ged. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
