<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_1_1454989470386_2442"><span id="yui_3_16_0_1_1454989470386_2444">So I'll need to run CLAMD to access this feature? </span></div><div id="yui_3_16_0_1_1454989470386_2462"><span id="yui_3_16_0_1_1454989470386_2461">I'm compiling clamav .99 on the system now.</span></div><div class="qtdSeparateBR" id="yui_3_16_0_1_1454989470386_2463"><br></div><div class="qtdSeparateBR" id="yui_3_16_0_1_1454989470386_2464">Also I'm looking at those .ndb files!</div><div class="qtdSeparateBR" id="yui_3_16_0_1_1454989470386_2465"><br></div><div class="yahoo_quoted" id="yui_3_16_0_1_1454989470386_2414" style="display: block;"> <div id="yui_3_16_0_1_1454989470386_2413" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div id="yui_3_16_0_1_1454989470386_2412" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div id="yui_3_16_0_1_1454989470386_2411" dir="ltr"> <font id="yui_3_16_0_1_1454989470386_2410" face="Arial" size="2"> <hr size="1" id="yui_3_16_0_1_1454989470386_2466"> <b><span style="font-weight: bold;">From:</span></b> Steve Basford <steveb_clamav@sanesecurity.com><br> <b><span style="font-weight: bold;">To:</span></b> MailScanner Discussion <mailscanner@lists.mailscanner.info> <br> <b><span style="font-weight: bold;">Sent:</span></b> Monday, February 8, 2016 2:49 PM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: Virus Parser<br> </font><br clear="none">On Mon, February 8, 2016 7:32 pm, Peter Lemieux wrote:<br clear="none"><br clear="none"><br clear="none">><br clear="none">> ScanOLE2 yes<br clear="none">> OLE2BlockMacros yes<br clear="none">><br clear="none">><br clear="none">> then files with macros will be treated as malware. The macros will not<br clear="none">> be stripped though. The message will be quarantined by MailScanner like<br clear="none">> any other piece of malware. In the organization I consult to, ordinary<br clear="none">> users have no need of files with macros, so blocking them all is the<br clear="none">> easiest solution.<br clear="none"><br clear="none">Agreed the above option changes do work... but a lot of my users at work<br clear="none">, do have a lot of macros embedded in various price lists etc, which got<br clear="none">blocked by these options... hence badmacro.ndb was born :)<br clear="none"><br clear="none">Cheers,<br clear="none"><br clear="none">Steve<br clear="none">Web : sanesecurity.com<br clear="none">Blog: sanesecurity.blogspot.com<br clear="none">Twitter: @sanesecurity</div><div class="y_msg_container" id="yui_3_16_0_1_1454989470386_2431"><div class="yqt8276650128" id="yqtfd03115"><br clear="none"><br clear="none"><br clear="none"><br clear="none">-- <br clear="none">MailScanner mailing list<br clear="none"><a href="mailto:mailscanner@lists.mailscanner.info" shape="rect" ymailto="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</a><br clear="none"><a href="http://lists.mailscanner.info/listinfo/mailscanner" target="_blank" shape="rect">http://lists.mailscanner.info/listinfo/mailscanner</a><br clear="none"><br clear="none"></div><br><br></div> </div> </div> </div></div></body></html>