ClamAV Exceptions/Whitelist and Can't Resend
Question asked by Scott Hendrickson - September 12, 2017 at 2:39 AM
Unanswered
Can anyone point me to some instructions for configuring ClamAV exceptions in Smartermail 14?  I recently implemented Joe Wolf's ClamAV improvements (https://portal.smartertools.com/community/a2583/how-to-greatly-improve-clamav-even-zero-hour-style-protection-for-free.aspx). ; For the most part they seem to be working pretty well.  HOWEVER ClamAV is also catching what I think are legitimate emails from PayPal as well as credit card notifications from searscard.com and accountonline.com, which I think covers more than one credit card issuer.  I know the latter is legit; it's where I login to my Citi M/C account, and searscard.com is registered to Sears Brands, LLC. 
 
Also when I think ClamAV quarantined something it shouldn't have, Actions / Resend does NOT work correctly.  The server does attempt to resend the message, but it winds up back in the virus quarantine.  Anybody know a workaround for that? 
 
Thanks! 
 
Scott
Scott Hendrickson
SOS4Net, Inc.
Centennial, CO. U.S.A.

2 Replies

Reply to Thread
0
Does anyone have any ideas on this?  I'm afraid some users are missing their credit card statement notifications because they get caught in the quarantine, and it won't let me resend.  Every time I resend, they just keep getting caught again.  I found how to whitelist a specific signature, but I don't know how to tell which signature these are hitting.  Can the domains not just be whitelisted like with the spam filter?  If I can't whitelist the domains they're coming from and can't resend them, I'm afraid I may have to turn off ClamAV, and I really do not want to do that.  Any help would be most appreciated. 
Scott Hendrickson
SOS4Net, Inc.
Centennial, CO. U.S.A.
0
According to Rod Lasky from SmarterTools, there is no way to whitelist specific domains for ClamAV from within SmarterMail OR from within Clam as far as he could tell. 
 
On the bright side, in SM 15 the Resend action does work, so if anything gets caught in the virus quarantine by accident, you can at least resend it, and it'll actually get where it's supposed to go. 
Scott Hendrickson
SOS4Net, Inc.
Centennial, CO. U.S.A.

Reply to Thread