On Mon, 2011-03-07 at 18:10 -0600, Daniel McDonald wrote: > > > On 3/7/11 5:36 PM, "Chris" <cpollock@xxxxxxxxxxxxxx> wrote: > > > Received a spam today that had an attachment that had an .html extension > > which in reality was a javascript file. When running the attachment > > through clamdscan it was tagged as Sanesecurity.Malware.14565.UNOFFICIAL > > FOUND. Shouldn't the malware have been picked up along with the phishing > > or instead of? > > That's one of the clamav limitations - it only records one match. And there > is no priority system for "more important" matches, so if a file will hit > multiple signatures, a random one will be reported. > > I see, thanks Dan, appreciate it. -- Chris KeyID 0xE372A7DA98E6705C 31.11°N 97.89°W (Elev. 1092 ft)