Lucas Albers wrote:
Alan Lehman said:
I'm seeing a fair number of netsky.c infected zip files pass my system
(MD-2.40) with clamav and uvscan configured. Most are caught by MD, but
the misses are being caught at a downstream eggchange box running
Mcafee groupshield. The default filter section "look inside zip files"
is enabled. I tried blocking specific zip file names. That helped, but
new ones kept showing up, so I gave up and started blocking all zip
files today. That stopped the occurances at the exchange box. Any ideas?
It seems curious that groupshield catches stuff that gets past uvscan.
Also, since I started blocking zip files, I'm still seeing
W32/[EMAIL PROTECTED] viruses being reported by MD. Does it scan for
viruses in files that are rejected based on filename extension?
What version of mcafee/clam are you using?
vlnx 4.24.0
clam-0.67-1
are you using clamscan or clamd or clamdscan?
clamd
what are the scan switches you are using for them?
I'm running pretty much default settings for everything. No command line switches.
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
