deedee E wrote: >
I confess to some confusion about your problem. Is there some reason you are forced to execute the worm-infested e-mail while running Windows? Why not just treat it like junk mail and delete it? Isn't it junk mail?
I'm not executing anything. I'm not doing anything with mail in windows. I'm not treating it as junk mail because these worms are not (visibly) attached to any individual mail. They are attached to the mail folders in my personal Mozilla (and now Evolution) settings. This is what I get from a Clamav scan:
.evolution/mail/local/Inbox: Worm.Bagle.AP FOUND .evolution/mail/local/Inbox.sbd/Newbie: Worm.SomeFool.P FOUND (rest of scan snipped) ----------- SCAN SUMMARY ----------- Known viruses: 25253 Scanned directories: 31 Scanned files: 59 Infected files: 2 Data scanned: 62.38 MB I/O buffer size: 131072 bytes Time: 76.410 sec (1 m 16 s) [EMAIL PROTECTED] graham]$
There are no dodgy files .exe, .com, .pif or otherwise. If they had been attached to individual mails, I would have known about them already. I thought that I had made this clear - apparently not.
The problem as I see it is to find some way of disinfecting these files *without having to wipe all my existing mail*. This is why I was asking about the bug in Klamav which prevents me from scanning individual mails in Evolution.
Are you receiving e-mail that you must open and deal with that also
contains viruses? And, you must open it in Windows? Is that the
problem? Like a Word attachment you're expecting from a colleague
and it turns out to have a virus perhaps. Even then, you can
safely open it in OO. OO can't execute VBS macros (the carrier of viruses in MSOffice files).
No, no, and no. I know and this isn't the point of my query.
(snipped)
Sign up for the security advisories if you're concerned about Linux exploits. Mandrake has a great mailing list for security advisories. There are a number of Linux sites which list advisories for all Open Source software. AV software tends not to include anything that's not actually in the wild. Security advisories come out as soon as a vulnerability is known. For a Linux system, they are much more useful and timely than AV software.
This may be worth looking at - thanks.
Just to underscore what others have mentioned -- antivirus software (including Linux antivirus software) is looking for Windows viruses. It is really necessary only for Linux mail servers distributing mail to people who may open their mail in Windows.
Personally, I've always found it useful for scanning my Windows partitions without going to the trouble of starting Windows.
Linux antivirus software also tends to be more expensive than Windows AV software and a bigger headache to install, because it's not really meant for a stand alone system. Have you considered installing one of the many excellent free Windows AV products on your Windows installation, and just boot into Windows once a week to update the definitions? Try Googling for one.
My Windows setup has a fairly regularly updated Norton AV on it but life's too short to boot into Windows just to run a scan - that's one of the reasons I installed Clamav/Klamav. The rpm version of Klamav is quite old (0.6) and is giving me the problem, i.e. not installing Klammail. There is a much newer version (0.9) on the Klamav site but it's source code and won't compile on my system. Evidently no-one here has had the Klamav experience. Hope none of you ever need to.
Cheers,
Graham
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
