[Avcheck] Undelivered Mail Returned to Sender (fwd)
Milan P. Stanic
mps@rns-nis.co.yu
Wed, 12 Feb 2003 22:37:13 +0100
On Wed, Feb 12, 2003 at 09:11:40PM +0300, Michael Tokarev wrote:
> Umm... In fact, almost all my time now is spent working with (or rather
> against) abuse of various insecure systems, to make blocking of whole
> networks unnecessary, see above... ;)
I've thought to add support for clam in avcheck (even looked through
the code) but I don't have enough time to try to do that :(
I didn't put much effort to it because I don't know how many viruses
it can detect (using openavbases). Line count of the virus database is
about 7000. Commercial virus databases say that they have 50.000 to
more than one hundred of signatures. If they are serious that means
that there are ten viruses for every day in last fifteen years.
Ridiculous in any way ;))) Even 7000 isn't a little.
> Either way, adding support for another virusscanner _that runs in
> daemon mode_ is very easy. I can't make promise, but I want to
> look at clam this week or so - if someone will not do this before.
> But there is a question: is clam able to decode MIME structure?
It has support for MIME in libclam, but it looks like it does not
work or I don't know how to prove it. In the README file they mention
MIME header but without explanation if that works.
It detects eicar.txt in attachment but didn't catch eicar.zip, in
my testing at least.
Milan