Loading...

clamav-users@lists.clamav.net

[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: [clamav-users] multiple viruses detected Henri Salo Mon Feb 13 04:01:11 2012

On Mon, Feb 13, 2012 at 12:15:02PM +0100, Matus UHLAR - fantomas wrote:
> What I need is to pass phishes sent to one particular address
> (abuse@, since we should knnow when our customers send phishes)

You might be looking for these arguments of clamscan. You can also control this 
in clamd.conf. Default is marked as "(*)".

--scan-mail[=yes(*)/no]
      Scan mail files. If you turn off this option, the original files will 
still be scanned, but without parsing individual messages/attachments.

--phishing-sigs[=yes(*)/no]
      Use the signature-based phishing detection.

--phishing-scan-urls[=yes(*)/no]
      Use the url-based heuristic phishing detection 
(Phishing.Heuristics.Email.*)

--scan-pdf[=yes(*)/no]
      Scan within PDF files. If you turn off this option, the original files 
will still be scanned, but without decoding and additional processing.

--scan-html[=yes(*)/no]
      Detect,  normalize/decrypt and scan HTML files and embedded scripts. If 
you turn off this option, the original files will still be scanned, but with‐
      out additional processing.

--scan-archive[=yes(*)/no]
      Scan archives supported by libclamav. If you turn off this option, the 
original files will still be scanned, but  without  unpacking  and  additional
      processing.


- Henri Salo
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml