[Mimedefang] )What AV scanners do you use? (was Re: Any Sophie users out there?
Andrew Watkins
andrew at dcs.bbk.ac.uk
Fri Mar 21 06:45:46 EDT 2014
I have to agree I find ClamAV is not catching many virus recently (over
the last few years). Great for catch old ones, but any thing new is not
being caught.
I know this since on the Windows desktops we run Trend and it catches a
lot of e-mail attachments which look bad.
Problem we run Solaris e-mail servers so not much choice of software
available to us. I should tighten up on our extension blocking.
Andrew
On 03/20/14 20:01, David F. Skoll wrote:
> On Thu, 20 Mar 2014 15:46:49 -0400
> wbrown at e1b.org wrote:
>
>> We haven't seen an increase in virii detected by McAfee or Symantec
>> on servers downstream from our CanIt system. Maybe that's because
>> blocking the unsafe extensions kills them before we even call ClamAV.
>
> I've attached the statistics for the last 60 days on our systems. The brown
> bars are messages blocked because of bad filename extensions. The red ones
> are ones detected as viruses by ClamAV. As you see, the red bars are
> two orders of magnitude smaller than the brown one.
>
>> Or are there fewer infections being sent by mail, rather focusing
>> more on phishing emails?
>
> We see waves. The last 30 days were quieter than the 30 days before
> that, but it waxes and wanes as new botnets come online and old ones
> go away.
>
> Regards,
>
> David.
>
>
>
> _______________________________________________
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID. You may ignore it.
>
> Visit http://www.mimedefang.org and http://www.roaringpenguin.com
> MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
--
Andrew Watkins * Birkbeck, University of London * Computer Science *
* UKOUG Solaris SIG Co-Chair *
http://notallmicrosoft.blogspot.com/
More information about the MIMEDefang
mailing list