Clamd does not detect all Makros.

Steve Basford steveb_clamav at
Wed Nov 9 10:31:45 UTC 2016

On Wed, November 9, 2016 9:51 am, Heino Backhaus wrote:
> Hi,
> again a Virus (Worddocument-Virus) made it's way through a clamav with
> OLE2BlockMacros yes
> in /etc/clamd.conf

> what are you doing to block those kind of viruses?

a) There's already a bugzilla entry if you want to add a sample:

b) 3rd party badmacro.ndb / phish.ndb / rogue.hdb  may be able to help


Twitter: @sanesecurity

More information about the MailScanner mailing list