ClamAV problems

  • Hi there,


    I installed the clamav plugin without any troubles. I tested it by sending the eicar test virus string from another account (same machine) and it worked great.
    Now I tested it by sending an E-Mail (same mail, eicar test virus string in subject and body) from my gmx mail account. The clamav log told me it is clean and passed the mail.


    Is this a configuration problem? (already run clamav but not milter on this machine)

  • Please post the content of the mail. Maybe gmail changed something? Otherwise it should work...

  • In my eyes it should block this mail.


    Source (removed my mail addresses):


  • Yeah in my eye's it should also block the mail :D I've tested it with my gmail account and all worked fine. Please tell us the os, version... so the devs of the plugin can have a look on this problem.

  • Also tested with my gmail account and it is working.

  • Server:
    Ubuntu 12.04.4 LTS
    ClamAV 0.97.8/18520/Thu Feb 27 04:41:43 2014
    clamav-milter 0.97.8
    postfix mail_version = 2.9.6


    Sender:
    Sent via the webinterface of http://www.gmx.de


    Please tell me if you need more information!


    (If you want write me a pm with your e-mail and I send you the same message to your (test)server with clamav-milter)

  • Here are the versions of my system:

    Debian Wheezy 7.4
    ClamAV 0.97.8/18520/Thu Feb 27 04:41:43 2014
    clamav-milter 0.97.8
    postfix mail_version = 2.9.6


    From gmail and web.de it is working as html and plaintext mail. I don't have a gmx account to test.


    You could also try to send the mail from gmx as plaintext instead of html to see if that works.

  • We made a test from the gmx webinterface with a html mail and the EICAR testsignature was not recognized on my system by ClamAV.
    But all other tests were working fine. The EICAR testsignature was recognized on the server of @UncleSam which I sent from my gmail account (both html and plaintext).


    So it seems that ClamAV will not recognize the signature when embedded in the html code of gmx.


    HTML
    1. <html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div><span style="color: rgb(136, 14, 147); font-family: calibri, tahoma; font-size: 14px; line-height: 19px; text-align: center;">X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*</span></div></div></body></html>


    I'll mark this thread as done.