So My Unitrends appliance just alerted me after an incremental backup that the "predictive analytics engine" has detected anomalies on my Groupwise server (SLES 12 SP3, Grouwpise 2018) which probabilistically matches the behavior of systems impacted by Ransomware. I need to check the mailboxes and really the entire server. I don't have Gwava (we use Mimecast), and I have no alerts of bad messages going to Mimecast or anything tagged from the firewall, which also scans in and out (everything). But I still need to do this just to be sure. Can I install ClamAV on the server and run some scans? I thought I saw somewhere ClamAV was actually part of SLES12? Is that correct? Anybody have it installed/using it on SLES12 and with Groupwise?