[Mimedefang] [PATCH] Cumulative ClamAV patch for MIMEDefang
Mark G. Thomas
Mark at misty.com
Wed Feb 21 12:05:24 EST 2007
Hi,
On Tue, Feb 20, 2007 at 01:44:36PM -0500, David F. Skoll wrote:
> Hi,
>
> Here's a patch that (I believe) includes everything that was posted
> on the list. Please verify that this patch solves all the ClamAV
> 0.90 issues.
I gave up on tempfailing messages which trigger zip failures, since
the messages tend to be large, and repeatedly re-scanning broken and
often massive attachment every 30-60 minutes for several days is such
a waste of CPU and bandwidth.
I'd think it would be a desirable option to treat these as viruses,
at least after trying and failing with clamscan, if not after the
initial clamd zip module failure.
Why is this considered a temporary failure by default? Might it succeed
on some future attempt?
I found this more desirable, at least here:
if ($err_detail =~ /(?:zip module failure|not supported data format)/i) {
$VirusScannerMessages .= "clamd failed to scan the zip/rar archive.\n";
$VirusName = "ZipRarScanFailure";
return (wantarray ? (1, 'virus', 'quarantine') : 1);
}
Mark
--
Mark G. Thomas (Mark at Misty.com)
voice: 215-591-3695
More information about the MIMEDefang
mailing list