Submitted by uinfor on Tue, 11/29/2016 - 10:23 Pro Licensee
Does clamAV scan attached compresed files like *.zip ???
I have in a last week an attack of spam/virus in my mails servers (linux and Windows) and have a typical attached file with invoice.zip and inside has a *.js or a *.pdf.exe directly ..... and i think clamav not scan anything because my server windows scan and delete the attach but clamav/virtualmin not
Can i directly delete all mails with .zip or .zip with *.exe and *.js inside ???
Thank you !!!
Submitted by andreychek on Tue, 11/29/2016 - 10:51 Comment #1
Howdy -- ClamAV should indeed check inside zip files. However, it may not catch everything that a commercial desktop-based virus scanner can detect.
I'm unfortunately not sure how to make ClamAV block certain types of attachments outright, and that's not something Virtualmin is able to configure automatically.
I do see a few ideas regarding that posted on the ClamAV mailing list. It may be worth looking into those a bit.
In particular the "Sanesecurity" ClamAV add-on is mentioned a few times for having rules to handle that.
That's unfortunately not something we can support, but I wanted to toss out a few ideas to point you in the right direction.
Submitted by uinfor on Tue, 11/29/2016 - 15:48 Pro Licensee Comment #2
Thank you Andrey !!!
Submitted by uinfor on Fri, 02/03/2017 - 14:00 Pro Licensee Comment #3
Andrey i need scan better virus, a lot of .zips with virus have add virus, and i see this good manual ->
But i'm lost with vmy virtualmin/centos7 , can you help me to make a good tutorial to virtualmin ?? i think today its mandatory have a good antivirus scan in mail server, without this i not need my owns mail servers
Submitted by andreychek on Fri, 02/03/2017 - 14:39 Comment #4
Sorry we don't have a guide for how to do that on a Virtualmin installation, though it should be possible to do.
But we haven't done much testing with the unofficial sigs, and that's not something that's available in the CentOS repository.
My suggestion would be to look for instructions on how to set that up on a server not using Zimbra, that might be easier to get working.