<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7654.12">
<TITLE>Re: amavisd-new result is clean but clamav manual scan result is infected</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<BR>
<BR>
<BR>
<P><FONT SIZE=2>On 11/18/11 1:10 AM, "Kenneth Oncinian" <kenneth.oncinian@ph.panasonic.com><BR>
wrote:<BR>
<BR>
> How is it possible that amavisd-new is resulting "clean" while manual<BR>
> scan of CLAMAV is resulting "infected"?<BR>
<BR>
<BR>
Do you have @keep_decoded_original_maps set up to scan the whole message?<BR>
<BR>
@keep_decoded_original_maps = (new_RE(<BR>
qr'^MAIL$', # retain full original message for virus checking<BR>
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains<BR>
undecipherables<BR>
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,<BR>
# qr'^Zip archive data', # don't trust Archive::Zip<BR>
));<BR>
<BR>
<BR>
<BR>
--<BR>
Daniel J McDonald, CCIE # 2495, CISSP # 78281<BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>