For the past two days, messages with FakeAlert in an attachment have gotten past antivirus and placed into the Spam/Junk folder in mailboxes. AVG on individual workstations detects the threat and locks down Zimbra Desktop or Outlook application from sync-ing new mail from the mailbox.
Users are having to open their mailbox via the web mail interface, and manually delete the infected message from the Spam/Junk folder before their regular mail client (ZD or Outlook with ZCO) will re-sync with the server.
What can we do to combat this threat?
My setup: ZCS 5.0.18 GA Network Edition on Ubuntu Server 6.06 LTS w/ ClamAV 0.95.1
Definitions are seeming to be updated every two hours, according to clamd.log in /opt/zimbra/log/clamd.log.