Normal mail classified as virus
nmilas at noa.gr
Mon Feb 8 01:11:57 CET 2021
On 5/2/2021 7:55 μ.μ., Nikolaos Milas wrote:
> Question 1: Is there a way to disable checking for that (or any other)
> specific virus signature?
In the meantime (based on articles from the Internet), I have tried the
following: I added a file named /var/lib/clamav/local-whitelist.ign2
with two signatures:
(the latter for testing purposes) and I restarted amavisd / clamd at amavisd.
However, it seems the trick did not work, because my test mail
(containing the EICAR sig) still got blocked as virus-infected.
(I also tried with .UNOFFICIAL appended to the signatures, but it didn't
So, I am still looking for a way to disable certain signatures from clamav.
I am on CentOS 8 with amavis-2.12.1, amavisd-milter-1.7.1 and clamd-0.103.0.
In the db directory (/var/lib/clamav) there are some ign2 files already,
but these get updated often, so if I put anything therein, it will get
erased since files get overwritten with each update. Here are the files
(incl. the one I created):
# ls -la /var/lib/clamav | grep ign2
-rw-r--r-- 1 root root 102 Feb 8 01:50
-rw-r--r-- 1 clamupdate clamupdate 5084 Jan 24 22:14
-rw-r--r-- 1 clamupdate clamupdate 285 Jan 4 15:08
I will appreciate your help!
More information about the amavis-users