[Mimedefang] Question about Virus Scanners
Kelson Vibber
kelson at speed.net
Wed Aug 11 14:28:31 EDT 2004
At 10:58 AM 8/11/2004, Mark Penkower wrote:
>For those of you using linux virus scanners with MimeDefang, what other
>vendors had defs out as quickly as Mcafee?
ClamAV <http://www.clamav.net/> actually recognized it several hours
*before* McAfee did. (I had the updated virus defs on our server, and I
went looking for more info at Symantec and McAfee and couldn't find
it.) In fact, Clam was so early that they had to change the name
(Trojan.JS.RunMe, IIRC) after other AVs determined it was a Bagle variant.
Also, I highly recommend enabling the Archive::ZIP capabilities in newer
versions of MD. While we did have messages slip through before we got the
updated definitions, they were all caught by filter-bad_filename and
defanged.
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list