Date: Wed, 23 Mar 2016 16:31:54 +1030 From: Wayne Sierke <ws@au.dyndns.ws> To: krad <kraduk@gmail.com>, Olivier Nicole <Olivier.Nicole@cs.ait.ac.th> Cc: questions@freebsd.org Subject: Re: Anti-virus for FreeBSD Message-ID: <1458712914.1578.37.camel@au.dyndns.ws> In-Reply-To: <CALfReyeHNrqZsCd_-3gMb%2B5RDEnW8aK2QfYCDRSBG%2B3bN5tpsQ@mail.gmail.com> References: <wu7vb4fm8ji.fsf@banyan.cs.ait.ac.th> <CALfReyeHNrqZsCd_-3gMb%2B5RDEnW8aK2QfYCDRSBG%2B3bN5tpsQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2016-03-22 at 09:07 +0000, krad wrote: > Other than that clamav > is good enough. I'm curious as to whether that's an objective or subjective view? I've got clam-av set up on a couple of mail boxes scanning incoming messages and find a worrying amount of viral content still gets through. Even after submitting false-negative reports, manual tests conducted (days!) later have failed to detect them. To be fair, some of that also fails to be detected initially by commercial AV scanners on MS Windows. However in one instance, for example, one AV provider had an update deployed and distributed less than two hours after they were notified. I've submitted suspect attachments to the Virus-Total web site to find that it was already submitted previously, sometimes long ago, and clam- av is listed with a negative detection result.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1458712914.1578.37.camel>