Issues with virus/trojan in mail

The ClamAV scanner in the REDDOXX appliance has found a virus/trojan or has not found a virus/trojan in a mail.

ClamAV is used to scan mails for malicious files and can scan in attachments, if configured in the appliance.
There are cases, where ClamAV reports a mail as harmful where the user is certain that the mail does not have a virus/trojan.
Furthermore, it is also possible, that ClamAV does not find a malicious file.

In case the ClamAV finds a malicious mail:
If you are sure, that ClamAV is wrong, you may deliver the mail and save the mail for further inspection.
Check if there are known issues with the result that ClamAV provided.
Only deliver the mail if you are aware of potential risks.
You may check the mail in online virusscan tools where hundreds of scanners do a parallel inspection and show further results.
If ClamAV has made a false positive, you may report this directly to ClamAV: http://www.clamav.net/reports/fp
In case the ClamAV does not reported a malicious file:
False negatives can be reported to https://www.clamav.net/reports/malware .
But make sure, that the Virusscanner in the appliance is configured for scanning attachments, if it happens to be a malicious attachment.

Especially in companies it is recommended not to trust only in one scanner.
It might also be helpful to better trust a possible false positiv instead of risking the company to be infected with a virus or trojan, even if wellknown scanner do report the mail as clean.
The risk of compromised clients and servers is to be considered always.