[Mimedefang] )What AV scanners do you use? (was Re: Any Sophie users out there?

Andrew Watkins andrew at dcs.bbk.ac.uk
Fri Mar 21 06:45:46 EDT 2014

I have to agree I find ClamAV is not catching many virus recently (over 
the last few years). Great for catch old ones, but any thing new is not 
being caught.

I know this since on the Windows desktops we run Trend and it catches a 
lot of e-mail attachments which look bad.

Problem we run Solaris e-mail servers so not much choice of software 
available to us. I should tighten up on our extension blocking.


On 03/20/14 20:01, David F. Skoll wrote:
> On Thu, 20 Mar 2014 15:46:49 -0400
> wbrown at e1b.org wrote:
>> We haven't seen an increase in virii detected by McAfee or Symantec
>> on servers downstream from our CanIt system.  Maybe that's because
>> blocking the unsafe extensions kills them before we even call ClamAV.
> I've attached the statistics for the last 60 days on our systems.  The brown
> bars are messages blocked because of bad filename extensions.  The red ones
> are ones detected as viruses by ClamAV.  As you see, the red bars are
> two orders of magnitude smaller than the brown one.
>> Or are there fewer infections being sent by mail, rather focusing
>> more on phishing emails?
> We see waves.  The last 30 days were quieter than the 30 days before
> that, but it waxes and wanes as new botnets come online and old ones
> go away.
> Regards,
> David.
> _______________________________________________
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID.  You may ignore it.
> Visit http://www.mimedefang.org and http://www.roaringpenguin.com
> MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Andrew Watkins * Birkbeck, University of London * Computer Science *
* UKOUG Solaris SIG Co-Chair *

More information about the MIMEDefang mailing list