[Mimedefang] ClamAV effectiveness

Mike Grau m.grau at kcc.state.ks.us
Fri Jun 28 12:10:59 EDT 2013

David F. Skoll wrote:
> Hi,
> I assume a few people on this list use ClamAV.  Have you noticed that
> it has become next to useless for detecting viruses?  The latest rash of
> fax spams that contain EXEs inside ZIPs just seem to sail past ClamAV.
> We always hold EXEs and EXEs inside ZIPs, so our clients are safe, but
> really ClamAV is not doing its job.
> Are others noticing it?  And if you use commercial AV software, does it
> seem to do a better job than ClamAV?
> Regards,
> David.

I just received one of these fax spams with an EXE inside a ZIP. It is 
not detected by ClamAV official signatures, but is detected by a third 
party signature:


-- Mike

More information about the MIMEDefang mailing list