The zoo has detected one virus via an email in a year, since the mail server blocks microsoft (microshit) attachments and we hate microsoft products having a scanner is a bit of a waste of time since it is something it will not find.
But .. after the upgrade to buster (my blog) all the updates stopped (my blog) or the config got passed over and is not the most important thing in the universe to fix. Since the server only gets definition updates four times a month i decided it was time to have antivirus in buster rather than continue with useless cron warnings about missing gpg keys four times a month.
I deleted the extra clamd debian package, set up some logins and used the recent script from extemeshok which now is on version 6 and have used in the past being version 2 something. Things look happy and after ninety minutes i seem to have more definitions and yara rules once again.
I expect the virus scanner to do nothing most of the time as it did beforehand since most viruses seem to be opportunistic and usually sent from badly configured mail servers when they get emailed and so the mail server rules kick in and reject them before payload and does not get the scanner to run..
Maybe there will be a resurgence in them ? but the zoo is covered now.
It seems packaging is not a cure for virus software. Since i spent very little time worrying about awful microsoft code from microsoft i think ninety minutes a year is more than ample and reminds me that microsoft products cannot be trusted.