Recent content by Pavel Hruška

  1.

    Spam vs Virus checks order

    Sure, but not acceptable in my environment, at least not now. I've just disabled Office macro/VBA execution where it is not required, and where it is required users have been trained.
  2.

    Spam vs Virus checks order

    Just want to add a follow-up to the topic. The problem is not with PMG, but with Avast, where I've noticed a slight delay when new variants of viruses are detected. In this case the mail was not detected by AV but was quarantined by spam filters when it was received for the first time. But it was...
  3.

    Spam vs Virus checks order

    Hi there, I've noticed some emails with infected attachments stuck in the spam quarantine but with no virus alert being triggered although it seems that the virus is detected by Avast (when I test it as outgoing mail it gets triggered properly). Just wondering if there is any order in spam...
  4.

    PMG/ClamAV effectiveness?

    I've received my Avast trial key and successfully installed the service. Now I am testing. I've created a small cheatsheet if you want to follow my installation steps: https://gist.github.com/mrpeardotnet/1445b16f30b30915f7d1fc153f13c336 Thank you all for the help.
  5.

    PMG/ClamAV effectiveness?

    To disable Avast is this enough? pmgsh set /config/admin --avast 0
  6.

    PMG/ClamAV effectiveness?

    Well, I am not able to get the trial directly from the web or anywhere else, and the Avast service won't start without a license file. I've just contacted the sales again...
  7.

    PMG/ClamAV effectiveness?

    Does anybody know if it is possible to test Avast as trial for some period of time?
  8.

    PMG/ClamAV effectiveness?

    Thank you for the reply, will check Avast for sure, this is a well-known and quite good AV. Not free, but that's okay for a corporate environment and for the job it does. I've just asked for the price offer.
  9.

    PMG/ClamAV effectiveness?

    Sounds crazy to me, it's the most common attachment! The false hit ratio would be like >95%. Where? Server or endpoint?
  10.

    PMG/ClamAV effectiveness?

    Just wanted to ask all of you out there, I have a very bad experience with ClamAV, quite all viruses pass the AV test on PMG. Like literally it is magic when some virus is caught by ClamAV. These days we receive a lot of Word/macro enabled virus downloaders/droppers that never get caught by...
  11.

    [TUTORIAL] Remove phishing htm or html attachment

    Thank you, I've missed that piece of docs. For everyone looking for the answer, the placeholder for the attachment file name is __FILENAME__
  12.

    [TUTORIAL] Remove phishing htm or html attachment

    What is the attachment file name placeholder that can be used in "Text Replacement"? No info in docs :(. Wanted to use diacritics in text replacement but ended up with "Wide character in subroutine entry at /usr/share/perl5/PMG/RuleDB/Remove.pm line 100. (500) " error. P.
  13.

    Attachments rules by name, but even in archives

    Thank you for the quick reply. Looks promising and I will give it a try, but I have some thoughts on this topic: for encrypted archives I already used to have "Block encrypted archives and documents" checked, but I've increased the heuristic score from the default value 3 to something higher. Does it mean...
  14.

    Attachments rules by name, but even in archives

    Hi folks, I've experienced a ransomware attack that originated from an email attachment. The fact that the infected file passed through all checks (ClamAV on PMG, even local AV) forces me to think about tightening the rules a bit more here. We are using Windows clients only (for end users) and I...
  15.

    VMs suddenly stop.

    Happened to me due to the OOM killer killing one of the VM processes when RAM usage was increasing, but not critical at all. Or at least I did not notice RAM starvation. The VM then stops without a trace in tasks. Not sure if this is your case, just check RAM usage first.