[Pkg-clamav-devel] Bug#589767: clamav: clamscan gives opposite results on mbox file vs. maildir file
Michael Tautschnig
mt at debian.org
Wed Sep 8 10:45:21 UTC 2010
tags 589767 + upstream
forwarded 589767 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2253
thanks
> Michael writes:
> >[...]
> >
> > I guess you could zip the file, make the archive password protected and
> > send the
> > password along :-) That way anybody could get a chance to read it. If you
> > prefer
> > the gpg variant, my public key is attached.
> >
>
> I found alternate ways to do my work. Anyway, attached is a gpg symmetric
> encrypted file that I referred to in earlier messages.
>
> The password is "debian".
>
It seems that whatever mailserver software you might be using, it adds some X-*
headers at the very beginning of the email message. Consequently clamav fails to
detect this as a Maildir file and treats it as ASCII text instead. It then fails
to conclude that it is a phishing message. I've asked upstream to improve their
detection capabilities.
Thanks a lot for reporting this and providing all the necessary debugging
information!
Best,
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20100908/9e296c4a/attachment-0001.pgp>
More information about the Pkg-clamav-devel
mailing list