ClamAV Viruses detected question

When ClamAV detects a virus, what action is taken automatically by the system.
is it stopped from going to the mail box, is it bounced back or is it deleted?

I don’t see to many detected but want to make sure there not still lurking some where still.

Thank you


Hi bear

Good question

ClamAV does not undertake any action other then marking the email/file etc as a virus. Other processes would then delete it

The reason for the email to be received first, is it has the be received before it can be scanned, and viruses are deleted so no bounce or send back to sender.

There are online viruse tests for mail servers or you could do yourself using the idra files (sorry wrong name but just cannot remember the correct name sorry) and they should be stopped or not received

However, please remember that it can only protect against known viruses and there are always false positives. Also, if you use third part databases, some can have issues or slow down the server due to loading.

Lastly, you may want to increase the scan file size to meet your expected usage

Many thanks


Hi Bear

Sorry, I have just run an online test and the results are shown in picture. So not accepted.

The test files are called EICAR test files

I hope that helps a little

Many thanks

John [ATTACH=JSON]{“data-align”:“none”,“data-size”:“medium”,“data-attachmentid”:44329}[/ATTACH]


Very helpful information, thank you for your time answering my question :slight_smile: