[CentOS] EPEL - Clamav update?

Mon Apr 4 06:16:30 UTC 2016
Ned Slider <ned at unixmail.co.uk>


On 03/04/16 22:10, Ireneusz Piasecki wrote:
> On 03.04.2016 at 04:39, Rob Kampen wrote:
>> EPEL maintainers?
>> I note messages in the log about updated version 0.99.1 of CLAMAV
>> being available since Mar 5th.
>> for CentOS 6 no update is available yet.
>> I used to use rpmforge for this package but that languished for months
>> before updates became available and eventually stopped altogether.
>> Is there something I can do to assist in getting this package updated?
>> I have no idea if this is a difficult package to compile with lots of
>> dependencies or some otherwise complexities.
>> In this era of constant SPAM and so many virus / trojan attempts to do
>> harm to others, it is vital that we run this package to protect our
>> users.
>> Please let me know if / how I can assist.
>> Kind regards
>> Rob
> Hi,
>
> Does clamav detect anything in this flood of e-mail viruses? My clamav
> installation (with amavisd-new) on centos 5 with the current signatures
> detects nothing in comparison to virustotal.org antivirus - I noticed that
> clamav signatures lag behind the top antivirus in the market.
>
> Viruses in ZIP archives go through my e-mail gateway (amavisd-new+clamavd)
> and are finally stopped by F-Secure Client Security. So, does clamav
> defend from anything?
>
> Sorry for off topic.
>

That is pretty much my experience too - I've only seen the occasional FP 
hit from ClamAV on a mail server for as long as I can remember.

The latest flavour of the month seems to be .js ransomware which goes
undetected. I have long blocked all executable file types in amavisd as
a matter of policy.

IMHO the AV vendors lost the battle a long time ago - they simply can't 
compete with the bad guys nor keep up with the volume and this 
particular layer of defence is now less effective/ineffective.
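
The policy mentioned in the message above (refusing executable file types at the gateway instead of relying on signatures), as an added example that is not part of the original post and is not amavisd configuration. The extension list, the size cap and all function names are assumptions; the sample message is constructed.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed policy list for this example, not amavisd's own defaults.
BANNED = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js", ".jse", ".wsf", ".hta"}
MAX_MEMBER_BYTES = 10 * 1024 * 1024  # do not unpack oversized members (zip bombs)


def banned_names(raw_message: bytes, max_depth: int = 2) -> list:
    """Return attachment names that violate the policy, looking inside ZIPs."""
    hits = []
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        if name:
            _check(name, name, part.get_payload(decode=True) or b"", max_depth, hits)
    return hits


def _check(label, name, data, depth, hits):
    # Judge by the last extension, so "invoice.pdf.js" is still treated as .js.
    clean = name.replace("\\", "/").strip().rstrip(". ")
    if PurePosixPath(clean).suffix.lower() in BANNED:
        hits.append(label)
    if depth <= 0 or not zipfile.is_zipfile(io.BytesIO(data)):
        return
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                # Member names are readable even when contents are encrypted.
                readable = not (info.flag_bits & 0x1) and info.file_size <= MAX_MEMBER_BYTES
                inner = zf.read(info) if readable else b""
                _check(f"{label}!{info.filename}", info.filename, inner, depth - 1, hits)
    except zipfile.BadZipFile:
        hits.append(f"{label} (unreadable archive)")


def make_sample(member_name: str) -> bytes:
    """Constructed test message: a ZIP attachment holding one harmless text member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, "constructed placeholder, not real code")
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

The check works on file names only, so it flags a `.js` member inside a ZIP whether or not any signature matches its contents.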