Announcement

Collapse
No announcement yet.

ClamAV Viruses detected question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ClamAV Viruses detected question

    When ClamAV detects a virus, what action is taken automatically by the system.
    is it stopped from going to the mail box, is it bounced back or is it deleted?

    I don't see to many detected but want to make sure there not still lurking some where still.

    Thank you

    Gaz
    Gary T

  • #2
    Hi bear

    Good question

    ClamAV does not undertake any action other then marking the email/file etc as a virus. Other processes would then delete it

    The reason for the email to be received first, is it has the be received before it can be scanned, and viruses are deleted so no bounce or send back to sender.

    There are online viruse tests for mail servers or you could do yourself using the idra files (sorry wrong name but just cannot remember the correct name sorry) and they should be stopped or not received

    However, please remember that it can only protect against known viruses and there are always false positives. Also, if you use third part databases, some can have issues or slow down the server due to loading.

    Lastly, you may want to increase the scan file size to meet your expected usage

    Many thanks

    John

    Comment


    • #3
      Hi Bear

      Sorry, I have just run an online test and the results are shown in picture. So not accepted.

      The test files are called EICAR test files

      I hope that helps a little

      Many thanks

      John Click image for larger version

Name:	eicar-test.png
Views:	1
Size:	10.1 KB
ID:	44329

      Comment


      • #4
        Very helpful information, thank you for your time answering my question :)
        Gary T

        Comment

        Working...
        X