Virus detected by Clamd is not blocked by Mailscanner

Heino Backhaus heino.backhaus at
Thu Feb 18 14:18:31 UTC 2016

Hello List,

Today I recognized a quarantined mail, detected as spam, with a word 
document attached. So i downloaded
this word document and scanned it with clamdscan on my mailscanner 
machine and clamd found a virus:

root at mailscanner2014:~# clamdscan VIRUS-invoice_27638121.doc
Sanesecurity.Malware.25947.XmlHeurGen.UNOFFICIAL FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.129 sec (0 m 0 s)

  I was wondering why it was detected as spam and not as a virus... I 
attached this word document
to a mail and sent it to through my mailscanner machine...and it whent 

Does anybody's got an Idea where i could look for a configuration error?
Other viruses like clamav-testfile attached to mails are being detected 

It's  MailScanner-4.84.6-1 and ClamAV 
devel-clamav-0.99-beta1-363-g0ea036a/21384/Wed Feb 17 21:12:50 2016

# This *cannot* be the filename of a ruleset.
Virus Scanners = clamd

OLE2BlockMacros yes

Mit freundlichen Gruessen

H. Backhaus

Fink-Computer Systeme
Heggrabenstr. 9, 35435 Wettenberg
Email: heino.backhaus at
Fax: +49-641-98444638
Fon: +49-641-98444640
UST-ID: DE151040770
HRB: 2143 Gießen
GF: Fredi Fink

"In retrospect it becomes clear that hindsight is definitely overrated!"
   -Alfred E. Neumann

More information about the MailScanner mailing list