[Mimedefang] ClamAV effectiveness
Mike Grau
m.grau at kcc.state.ks.us
Fri Jun 28 12:10:59 EDT 2013
David F. Skoll wrote:
> Hi,
>
> I assume a few people on this list use ClamAV. Have you noticed that
> it has become next to useless for detecting viruses? The latest rash of
> fax spams that contain EXEs inside ZIPs just seem to sail past ClamAV.
> We always hold EXEs and EXEs inside ZIPs, so our clients are safe, but
> really ClamAV is not doing its job.
>
> Are others noticing it? And if you use commercial AV software, does it
> seem to do a better job than ClamAV?
>
> Regards,
>
> David.
I just received one of these fax spams with an EXE inside a ZIP. It is
not detected by ClamAV official signatures, but is detected by a third
party signature:
Sanesecurity.Malware.20493.ZipHeur.UNOFFICIAL
-- Mike
More information about the MIMEDefang
mailing list