ClamAV exclude file extension?

teknom

• November 06, 2017 02:46

hello guys, some of my clients have excel documents included macros and ClamAV gives false positive for this files. therefor emails could not deliver gives an error: 550 (Doc.Dropper.Agent-6342721-0) - Removed Link No Need Here - i want to know may i exclude excel files from ClamAV scanner?

• 

  cPanelMichael

  • November 06, 2017 17:45

  Hello, You can create the following file in order to whitelist virus definitions with ClamAV:
  /usr/local/cpanel/3rdparty/share/clamav/local.ign2
  For example, if ClamAV detected a virus on a test.swf file like this:
  # /usr/local/cpanel/3rdparty/bin/clamscan /home/123 /home/123/test.swf: Swf.Exploit.CVE_2016_0968-1 FOUND
  You would run the following commands to whitelist that definition:
  echo Swf.Exploit.CVE_2016_0968-1 >> /usr/local/cpanel/3rdparty/share/clamav/local.ign2 /scripts/restartsrv_clamd
  Thank you.

  0

Please sign in to leave a comment.