Small problem after ClamAV upgrade

Rick Cooper rcooper at dwford.com
Thu Mar 8 15:51:44 CET 2007 

 

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Plant, Dean
> Sent: Thursday, March 08, 2007 4:11 AM
> To: MailScanner discussion
> Subject: RE: Small problem after ClamAV upgrade
> 
> Denis Beauchemin wrote:
> > 
> > Look into /usr/lib/MailScanner/MailScanner/SweepViruses.pm for
> > Mail::ClamAV::CL_SCAN_BLOCKBROKEN() and comment it out (it's there
> > twice).  I don't think this can be configured by other means.  Then
> > restart MS.
> > 
> > Denis
> 
> After looking in SweepViruses.pm I thought I better read up on the
> options in Mail-ClamAV-0.20
> 
> >From 
> http://search.cpan.org/src/SABECK/Mail-ClamAV-0.20/README there are
> a few new options that are not in Mail-ClamAV-0.17 so it 
> would seem that
> unless we add these options to
> /usr/lib/MailScanner/MailScanner/SweepViruses.pm we are not 
> enabling the
> new features of ClamAV 0.90.1. Is this correct? If so what 
> are the lists
> thoughts on which options should be added? I think all of 
> these options
> are enabled by default if using ClamAV via the command line 
> scanner with
> MailScanner.
> 
> New options in Mail-ClamAV-0.20 not listed in SweepViruses.pm:
> 
>     CL_SCAN_ELF
>      Enable support for ELF files.
> 
>     CL_SCAN_ALGORITHMIC
>      Enable algorithmic detection of viruses.
> 
>     CL_SCAN_PHISHING_DOMAINLIST
>      Phishing module: restrict URL scanning to domains from .pdf
>      (RECOMMENDED).
> 
>     CL_SCAN_PHISHING_BLOCKSSL
>      Phishing module: always block SSL mismatches in URLs.
> 
>     CL_SCAN_PHISHING_BLOCKCLOAK
>      Phishing module: always block cloaked URLs.
> 
[...]

I believe the export CL_SCAN_STDOPT is there specifically to enable the
default scan options in the even that libclamav introduces new scanning
options. From the ClamAV.pm:
====================================
CL_SCAN_STDOPT 

This is an alias for a recommended set of scan options. You should use it to
make your software ready for new features in the future versions of
libclamav
===================================================

So if they are enabled by default in clamav they should automatically be
used in Mail::ClamAV unless disabled within the scanner script (in this case
MailScanner).

Rick


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list