Some issues with Sophos in Mailscanner
info at schroeffu.ch
info at schroeffu.ch
Wed Nov 20 10:26:44 UTC 2019
Hi Mailscanner Community,
are some of you using the free sophos virus scanner in production? Maybe you can help me with some issues.
For years i am running ESETS and CLAMAV + SaneSecurity, but the detection is not as good as i wish. So i installed additonally sophos days go to compare.
- Sophos is not detecting any real virus in the wild. ESETS+ClamAV does. Any Idea why?
- Sophos is not detecting EICAR with for example "savscan /tmp/eicar.txt.com". Any Idea why?
- But Sophos is detecting password protected 7zip and MS Office Password protected files. Now, thats not optimal. VBA Virus can be found in MS Office Password PRotected files, so block this files is overkill and not neccessary. How can I whitelist password protected Office files, but still detect pw protected 7zip?
Because my Mailscanner is not detecting password protected 7zip files (see http://lists.mailscanner.info/pipermail/mailscanner/2019-November/106065.html (http://lists.mailscanner.info/pipermail/mailscanner/2019-November/106065.html)) , its good that sophos does. Therefore i didn't deinstall sophos sav scanner yet.
May some of you had the same issue?
thanks for any help
Schroeffu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20191120/afb46237/attachment.html>
More information about the MailScanner
mailing list