hi all,
i've Exim 4.53RC1 + Exiscan + clamav 0.87 installed.
testing via <
http://www.webmail.us/testvirus> (nee testvirus.org), all tests
are properly caught by clamav, as well as "23 (Non-Virus): Attachment with a
CLSID extension" by my Exim conf's ACL HELO entry ...
one test, however, 'gets thru':
(Non-Virus): Test for the "Partial (Fragmented) Vulnerability". This does
not include the EICAR virus, however your mail server should still block
this since a virus can use this technique to break itself into multiple
emails, bypassing virus scanners, and reassembling itself in your inbox. **
i'm finding nothing on EICAR, this or the clamav lists, or google for that
matter, on this 'thing' ...
any wisdom as to what it is, what to search on ... or, more to the point, how
to 'kill it' in Exim?
thx,
richard
