On 2016-09-22 12:32, Thomas Barth wrote:

I ve installed clamav-unofficial-sigs by debian package. If this is
not working good enough I will try the installation I found here:
https://github.com/extremeshok/clamav-unofficial-sigs/blob/master/INSTALL


you have to configure it aswell

here i have 2 clamd, one with official signatures, and another with 3dr party signatures, so both clamd have diffrent database dir

configure the script to only update the unofficial clamd database dir

when this is in place one can use clamav milter to reject from clamd with official sigs, and another clamav milter to just add virus header to mail, next with that is to make a header test in spamassassin with a spam score for 3dr party sigs in clamav

I dont know what is in the zip file. I just have a compressed copy of
the mail. I tried to save the  content of the zip boundary part in a
zip file but I get an loading error when opening the zip file. I
suppose it contains a javascript file (name.pdf.js)

just make sure the clamav detect its malware, and you are done, but keep in mind not reject 3dr party virus :=)

note aswell foxhole is good candidate to be reject besed on, you can make that happen if using pr sigs scanning in spamassasin header testing, so spamass-milter will reject it, do not use one clamd and one clamav-milter for all this

Reply via email to