Difference between revisions of "ClamAV"

From Halon, SMTP software for hosting providers
Jump to: navigation, search
(Usage)
Line 6: Line 6:
 
<hsl type="data">
 
<hsl type="data">
 
if (ScanCLAM())
 
if (ScanCLAM())
     Reject("ClamAV thinks your message is contains a virus");
+
     Reject("ClamAV thinks your message contains a virus");
 
</hsl>
 
</hsl>
  

Revision as of 12:16, 12 October 2016

The open-source anti-virus engine ClamAV is included in the Halon platform. It allow you to get a second opinion to the commercial anti-virus that's also included.

Usage

ClamAV can be used with the HSL function; ScanCLAM in the DATA flow. It is also available in the graphical "Anti-virus" flow chart block.

if (ScanCLAM())
    
Reject("ClamAV thinks your message contains a virus"); 

Skip certain signaturs

This example filter various heuristics detection from the ClamAV antivirus engine, which may be useful if these apply to you on regular basis preventing unwanted false-positives.

// ClamAV check
function ScanCLAM()
{
    
$skip = ["Xls.Exploit.EmbeddedFlash-1"];
    
$clam = [];
    foreach (
builtin ScanCLAM() as $v)
       if (!
in_array($v$skip))
           
$clam[] = $v;
    return 
$clam;