Thoughts about finding viruses in email inboxes

Bart Silverstrim bsilver at
Sun Mar 29 01:11:48 UTC 2009

Raquel wrote:
> On Sat, 28 Mar 2009 13:38:38 -0700
> "David M. Karr" <davidmichaelkarr at> wrote:
>> If I have clamav running an automated scan each night, and it finds
>> a virus in my IMAP inbox, what good does that do me?  I have 156
>> messages in my Inbox currently, and no way to know which one has
>> the virus (although it's pretty likely it was one of the messages
>> I've received in the last 24 hours).  It seems like it would be
>> useful for clamav to have some sort of integration/knowledge with
>> the mail system, so it can provide better information about which
>> email message has a virus.  Is there any practical way to do this?
>> Has this ever been considered?
> I don't know what your specific situation is.  However, on my mail
> server, running Debian Lenny, clamav discards anything with a virus
> in it.

On a mail server, you're scanning mail individually as they pass through 
the server. On their systems, it sounds like the virus is a piece of 
encoding in the middle of a big mailbox file, so they can't tell where 
in that file the virus is actually located and the mail program...the 
reader...separates messages by formatting codes in the mailbox file.


More information about the ubuntu-users mailing list