|Main Archive Page > Month Archives > clamav-users archives|
On Mon, 8 Oct 2007, Joao S Veiga wrote:
> To me, is more logical/easier/less annoying to explode the mboxes ONLY if
> something is found in them instead of exploding all the mboxes to scan them (in
> 99.842% of the cases, they will be clean anyway).
If you use the SaneSecurity signatures, it is actually extremely likely that you will find "infected" files in existing mailboxes. The signatures are terrific, but there is an unavoidable lag between the newest phishes and the updated sigs, moreso than in the standard anti-virus sigs.
This is the case in my environment, anyway.