Hi, I still experience some worms have free roaming through the server like the w32.stration What is there to do about these worms?
Well, w32.stration won't do any harm on a linux server... however clients that use windows and download email containing the worm may be harmed. Have you installed any antivirus scanner on your server?
Is that not what CLAMAV and Freshclam is doing there? Freshclam updates the AV DB and ClamAV scan the mail for viri? Yes the Linux is not my concern, however the windows user connecting and fetching his mail is were the problems manifest!
Clamav should actually delete the virus. However I think you have to pipe the mail through the clamav scanner. I don't think it does it automatically... well, I'm not using any anti-virus software on my email server so I can't tell for sure.
If you use ISPConfig, you will just have to enable the "Antivirus" checkbox in the settings of the mail user and ISPConfig will pipe all mail trough ClamAV.
Yes it does, and it is enabled, however these specific Worms still pass into maiboxes, Most others get caught, these actually pass through. Plse google for: W32.Stration althow the W32.Stration@mm is called Worm.Stration.A (ClamAV), some strains lately does not get caught. I did an /home/admispconfig/ispconfig/tools/clamav/bin/freshclam and the resul was Witch meant that my ClamAV DB is fine!
It's possible that this worm is not in ClamAV's database yet. Although the ClamAV database contains most of the viruses/worms, it's still a project maintained by volunteers.