PMG/ClamAV effectiveness?

Pavel Hruška

Member
May 1, 2018
75
8
8
45
Just wanted to ask all of you out there, I have very bad experience with ClamAV, quite all viruses passes AV test on PMG. Like literally it is magic when some virus is catched by ClamAV.

These days we receive a lot of Word/macro enabled virus downloaders/droppers that never get caught by ClamAV.

Has any one the same experience? Any possible way to fight such viruses, how do you handle it, guys?

As one example let's see this link of last virus that passed ClamAV without any problem
https://www.virustotal.com/gui/file...e716d124050bc55411f6cb21fe6626092df/detection


Thank you!
 
  1. Best practice, quarantine all ms attachments, never deliver this to end users without checks from professional IT people (use the special attachment quarantine)
  2. Add avast as a second virus scanner
 
Best practice, quarantine all ms attachments, never deliver this to end users without checks from professional IT people (use the special attachment quarantine)
Sounds crazy to me, it's the most common attachment! The false hit ratio would be like >95%.

Add avast as a second virus scanner
Where? Server or endpoint?
 
Sounds crazy to me, it's the most common attachment! The false hit ratio would be like >95%.

Not crazy, this is the default in quite a lot of organizations nowadays.

Accepting doc files via emails is crazy (from the security point of view).


Where? Server or endpoint?

On the Proxmox Mail Gateway (see docs and search the forum for avast).

If you run Windows on your Desktop, you would need of course a good scanner on the desktop too.
 
Thank you for reply, will check Avast for sure, this is well known and quite good AV. Not free, but that's okay for corporate environment and for job it does. I've just asked for the price offer.
 
Well I am not able to get the trial directly from the web or anywhere else, and Avast service won't start without license file. I've just contacted the sales again...
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!