Inbound doesn't catch SaneSecurity signature, Outbound does
francis picabia
fpicabia at gmail.com
Fri Nov 16 19:28:47 CET 2012
On Fri, Nov 16, 2012 at 1:11 PM, Noel Jones <njones at megan.vbhcs.org> wrote:
> Without any evidence, we can only guess the problem. My guess is
> still that your various .ftm files don't match the headers on the
> original file as presented to clamav, preventing clamav from
> recognizing the file as an email message. That's just a guess and
> could be wrong, but the eyewitness accounts you've shared support this.
I don't know anything about ftm files.
This could be a little off topic for this list, but Redhat
clamav has a :
ls -l /var/clamav/daily.inc/daily.ftm
-rw-r--r-- 1 amavis amavis 5642 May 1 2008 /var/clamav/daily.inc/daily.ftm
Whereas Debian has :
ls -l /var/lib/clamav/daily.ftm
-rw-r--r-- 1 root root 8098 Nov 16 14:00 /var/lib/clamav/daily.ftm
It looks like the Redhat one isn't getting updated or is cruft
left behind from some upgrade. Everything under daily.inc
is dated 2008. I'd think it could be deleted. On Redhat
there is a daily.cld updated today. Debian has a dozen or more
files starting with "daily." in /var/lib/clamav. I do not know why
they are different. I leave it to the freshclam scripts to manage
this on each platform.
> You'll need to do some debugging and tracing to VERIFY what clamav
> is seeing and detecting. Looks as if you're on your own from here.
Maybe I can move this discussion to the clamav list?
More information about the amavis-users
mailing list