detect and block ACE archive
Benny Pedersen
me at junc.eu
Fri Apr 20 16:31:20 CEST 2018
Hoyer-Reuther, Christian skrev den 2018-04-20 14:41:
> With the ACE banning in my environment there is never a real mail
> blocked, but only virus mails. Maybe the spammers and virus creators
> love ACE archives because they know that amavis cannot handle it.
design of amavisd is not to make the best virus scanner with it, it was
designed to be a content controller, thus we all need external scanners
to scan virus and malware anyway
imho amavisd is to over complicated to my life, so i keep clamav with
clamav-multer with is now stable for me in the last year
adding all foxhole signatures makes all badly malware to be rejected
but clamav-multer still miss to policy to accept or reject or quarantine
content from 3dr party sigs, its not possible to just reject official
virus malware, and keep 3dr party signature quantined or accpeted, for
later use in content controllers
sad :/
the only way it can be done now is to make clamav with 2 clamd and 2
clamav-milter each with its own settings, but that will be performance
drainers, so dont
More information about the amavis-users
mailing list