Infected files in received emails.

corianito

Registered
Mar 12, 2016
1
0
1
españa
cPanel Access Level
Reseller Owner
Forgive the translation, I use google translator.

We are bored of receiving so many infected files in the email, it seems that clamav is not filtering them.

These are files with a .doc extension and we believe that the virus in question is:

Emotet.

*Someone has any idea how to stop this?
*What happens to ClamAV that ignores infected emails?

Greetings!
 

doshikaran71

Registered
Aug 27, 2019
4
0
1
Mumbai
cPanel Access Level
Website Owner
I am also facing the same problem with my computer at my office. I am also searching problem for the solution. If you can help. Thank you in advance.
 
Last edited by a moderator:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,271
313
Houston
Hello,

Your hosting provider in both cases would need to be involved in configuring ClamAV to scan your mail directory, even then it does not automatically scan inbound mail at reception, it scans on a cron schedule. You can read about the process here: Configure ClamAV Scanner - Version 84 Documentation - cPanel Documentation

As a reseller or as a website owner you don't get a lot of control over what can be used to scan as far as malware scanners are concerned.

Without involving your hosting provider you could potentially start flagging messages over a specific size as spam using SpamAsassin at cPanel>>Email>>Spam Filters ->
Additional Configurations (For Advanced Users) -> Configure Calculated Spam Scores Settings


Some details on the rules can be found here: SpamAssassin - Users - Rule to score word documents