Topic: ClamAV Potentially Unwanted Applications (PUA)
==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.2
- Linux/BSD distribution name and version: CentOS 7.x
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? Some
- Related log if you're reporting an issue:
====
Is there posibility to enable on ClamAV to detectPUA https://github.com/vrtadmin/clamav-faq/ … faq-pua.md ?
... on default iredmail instalation on CentOS there is no file clamd.conf so I can't find where I can enable this feature of ClamAV for incoming mails.
Why ?
... i had crypto wirus passed to users mailboxes ... packed .js file in zip archive ... I disabled .js files anywhere in amavish, but such scripts can be sent also in html atachments, and detect PUA can actualy detect such threats so I wolud like to enable that feature and to send such mails to quarantine. That way no mail will be lost, and users can found legit mails in theres own qarantine.
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.