Community Discussions and Support
ClamAV 0.99.3 has been released

Hi Joerg,

I have been using ClamAV for many years, probably since ClamWall was introduced in Mercury.  Detections are very common, diverting these messages to a quarantine directory.  I enhance it by including some third party definition files from Sanesecurity.  Def updates are timed based on a setting of your choice in a configuration file.  The default setting is every 10 minutes which I thought was too often so I set it to update hourly.

One shortcoming of ClamWall/ClamAV is that there isn't a built-in detection notification mechanism.  The workaround is a utility called CWscan written by Paul Whelan.  When executed, it scans the quarantine directory for new files, creates a .cnm file for each one containing relevant info about the detection, and writes it to a directory (mounted as an added mailbox), then moves the scanned messages to an archive directory.  As for overhead, I don't have a sense that it is of significance although I believe my mail volume is a good bit lower than yours.  I don't know whether higher volume=noticeable overhead.

Is ClamAV necessary?  Probably not, but I think the Sanesecurity defs help keep suspicious messages out of the user mailboxes.  False detections occur but are very rare.

You're welcome to email me directly if you care to discuss in more detail.

<p>Hi Joerg,</p><p>I have been using ClamAV for many years, probably since ClamWall was introduced in Mercury.  Detections are very common, diverting these messages to a quarantine directory.  I enhance it by including some third party definition files from Sanesecurity.  Def updates are timed based on a setting of your choice in a configuration file.  The default setting is every 10 minutes which I thought was too often so I set it to update hourly. </p><p>One shortcoming of ClamWall/ClamAV is that there isn't a built-in detection notification mechanism.  The workaround is a utility called CWscan written by Paul Whelan.  When executed, it scans the quarantine directory for new files, creates a .cnm file for each one containing relevant info about the detection, and writes it to a directory (mounted as an added mailbox), then moves the scanned messages to an archive directory.  As for overhead, I don't have a sense that it is of significance although I believe my mail volume is a good bit lower than yours.  I don't know whether higher volume=noticeable overhead. </p><p>Is ClamAV necessary?  Probably not, but I think the Sanesecurity defs help keep suspicious messages out of the user mailboxes.  False detections occur but are very rare. </p><p>You're welcome to email me directly if you care to discuss in more detail. </p>

Here's the notice:  http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

I've been running Windows 32 bit versions but see a 64 bit version is available.  Anyone tried it?

 

 

<p>Here's the notice:  <a title="" href="http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html">http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html</a></p><p>I've been running Windows 32 bit versions but see a 64 bit version is available.  Anyone tried it?</p><p> </p><p>  </p>

I just installed the 64 bit version.  All appears fine on initial testing.  Will be reviewing logs and detections in about 16 hours.

I just installed the 64 bit version.  All appears fine on initial testing.  Will be reviewing logs and detections in about 16 hours.

Hi Brian,

Thanks for testing. Do you already use ClamAV for a while? I have no experience with it. Our mails firstly are being AV checked with our ISP and secondly with the local AV software installed on the user machines when they opening mails. Until now I didn't install any additional AV software at the server where Mercury is running to avoid additional processor load. Further I didn't see a real advantage since the server is never opening/executing email attachments by itself. Did your ClamAV installation found any viruses in past? And what about the virus signature updates. How often ClamAV updates them?

Cheers

Joerg

<p>Hi Brian,</p><p>Thanks for testing. Do you already use ClamAV for a while? I have no experience with it. Our mails firstly are being AV checked with our ISP and secondly with the local AV software installed on the user machines when they opening mails. Until now I didn't install any additional AV software at the server where Mercury is running to avoid additional processor load. Further I didn't see a real advantage since the server is never opening/executing email attachments by itself. Did your ClamAV installation found any viruses in past? And what about the virus signature updates. How often ClamAV updates them?</p><p>Cheers</p><p>Joerg </p>
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Cancel
Delete
Pending draft ... Click to resume editing
Discard draft