As I have researched malware and the indicators of compromise an MD5 checksum of the files are provided so that you can detect them in your environment. I am not sure about your anti-virus but I am not able to plug-in an MD5 and have it search for them across the enterprise as it does it's scan.The blog highlights a great point about ClamAV and Open Source, the ability to generate your own detection!
Take a look at the blog here.
Good morning! I have read the guides about install postfix on the server and there is written to set the parameter: SOCKET_RWGROUP = postfix in the file / etc / default / clamav-milter but I installed ClamAV and unfortunately I do not have such a file. How do I set it up?
ReplyDeleteI have followed the instructions on the page: https://greenqloud.zendesk.com/entries/74986716-How-To-Make-your-e-mail-Truly-Green-Part-2-fighting-spam
A more appropriate place to get your question answered would be the ClamAV users list:
ReplyDeletehttp://lists.clamav.net/mailman/listinfo/clamav-users