Topic: ClamAV false positive, amavisd-release bugfix
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: Centos 7.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hello,
Today we discovered that after the last ClamAV update we have many false positive emails. Basically all PDF attachments were tagged as a virus: Blocked INFECTED (Win.Exploit.CVE_2019_0903-6966169-0) {DiscardedInternal,Quarantined}
freshclam
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
daily.cld is up to date (version: 25462, sigs: 1582158, f-level: 63, builder: raynman)
bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo)
This was the first time we needed to restore mails from the amavisd quarantine (mails are stored in an SQL database); we used the amavisd-release tool, which is included by default. The tool doesn't work out of the box and needs several fixes. Please include them in future releases.
/usr/bin/amavisd-release
- $socketname = '/var/run/amavisd/amavisd.sock';
+ $socketname = '/var/run/amavisd/amavisd.socket';
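Review bot: the `+` line replaces one hard-coded socket path with another, so it is only correct on installations where amavisd's `$unix_socketname` is set to /var/run/amavisd/amavisd.socket; if this is picked up for a release, read the path from the amavisd configuration or expose it as a command-line option with the default documented, instead of baking in one layout. Anyone applying the patch by hand should first grep for `$unix_socketname` in the configuration of the running amavisd and use whatever value it reports.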
- my $quar_type = $fn_suffix eq '.gz' ? 'Z' : $fn_path ne '' ? 'F' : '';
+ my $quar_type = $fn_suffix eq '.gz' ? 'Z' : $fn_path ne '' ? 'F' : 'Q';
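Review bot: the new fallback on the `+` line turns every argument with no directory part and no `.gz` suffix into an SQL-quarantine release (`'Q'`), where the stock ternary left `$quar_type` empty; that matches this setup, where the quarantine lives in the SQL database, but it also changes what a bare filename means for an installation that quarantines to files without a path, since such a name never reaches the `'F'` branch. Make the SQL default explicit, either through an option that selects the quarantine type or at least a comment stating that a bare mail_id is treated as an SQL quarantine id, so the behaviour is documented rather than implied by the ternary.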
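As an added example (not code from the original post, from iRedMail or from amavisd), the pre-flight check a practitioner would run before the release step described above: it reads the `$socketname` hard-coded in amavisd-release and the `$unix_socketname` in amavisd.conf and reports whether they agree, which is exactly the mismatch the first patch line fixes. The location of amavisd.conf, the helper names and the constructed sample files are assumptions; the check itself is plain POSIX sh.

```shell
#!/bin/sh
# Added example, not code from the original post, from iRedMail or from amavisd.
# Before running amavisd-release, confirm that the socket path hard-coded in the
# tool ($socketname) matches the path amavisd is configured with
# ($unix_socketname in amavisd.conf). The amavisd.conf location is an assumption;
# adjust it for your installation.

# Print the quoted value of the first uncommented Perl assignment "$NAME = '...';"
# (single or double quotes, optional "my"/"our") found in FILE.
# Usage: perl_assignment_value FILE NAME
perl_assignment_value() {
    sed -n "s/^[^#]*\\\$$2[[:space:]]*=[[:space:]]*[\"']\\([^\"']*\\)[\"'].*/\\1/p" "$1" | head -n 1
}

# Compare the tool's $socketname with amavisd's $unix_socketname.
# Returns 0 when they agree, 1 when they differ, 2 when either could not be read.
check_socket_path() {
    release_script="$1"
    amavisd_conf="$2"
    tool_sock=$(perl_assignment_value "$release_script" socketname)
    conf_sock=$(perl_assignment_value "$amavisd_conf" unix_socketname)
    if [ -z "$tool_sock" ] || [ -z "$conf_sock" ]; then
        echo "could not read a socket path from $release_script or $amavisd_conf" >&2
        return 2
    fi
    if [ "$tool_sock" != "$conf_sock" ]; then
        echo "MISMATCH: amavisd-release uses $tool_sock but amavisd listens on $conf_sock" >&2
        return 1
    fi
    echo "OK: amavisd-release and amavisd agree on $tool_sock"
    return 0
}

# Constructed sample files (not copied from the poster's server) so the check can
# be tried offline. $1 is the socket path written into the sample amavisd-release;
# the sample amavisd.conf uses the ".socket" name the post's patch switches to.
write_samples() {
    dir=$(mktemp -d)
    cat > "$dir/amavisd-release" <<EOF
#!/usr/bin/perl
# \$socketname = '/commented/out.sock';
\$socketname = '$1';   # as shipped, or as patched
EOF
    cat > "$dir/amavisd.conf" <<'EOF'
# constructed amavisd.conf excerpt
$unix_socketname = "/var/run/amavisd/amavisd.socket";
EOF
    echo "$dir"
}

# Run the check over the constructed files and return its status.
run_demo() {
    dir=$(write_samples "$1")
    rc=0
    check_socket_path "$dir/amavisd-release" "$dir/amavisd.conf" || rc=$?
    rm -rf "$dir"
    return $rc
}

# Stock tool (.sock) against the .socket config: returns 1, mismatch.
demo_stock()   { run_demo /var/run/amavisd/amavisd.sock; }
# Tool patched as in the post: returns 0, both sides agree.
demo_patched() { run_demo /var/run/amavisd/amavisd.socket; }

# Against a live system (paths assumed), run e.g.:
#   check_socket_path /usr/bin/amavisd-release /etc/amavisd/amavisd.conf
```

Run `check_socket_path` against the real tool and configuration before the first release attempt; a non-zero status tells you whether the path differs (1) or one of the files does not contain the expected assignment at all (2), which is worth knowing before blaming the quarantine lookup.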