Hacked in virus scanner, now it won't clean

Julian Field mailscanner at ecs.soton.ac.uk
Wed Dec 4 16:17:57 GMT 2002

My guess would be that's it not extracting the infected filename out of the
virus scanner report properly.

At 16:01 04/12/2002, you wrote:
>I may not understand some of the options in v4, so bare with me:
>I've looked into the archives and found no real help on this one, so
>here's my problem.
>I've added support for Symantec Carrier Scanner, which is working great
>in 3.22-14 in production (200K messages per day)
>I've gotten 4.10-1 patched and it DOES scan, but the infected messages
>still get delivered.  Here is what the log shows:
>mailscanner[5744]: New Batch: Scanning 1 messages, 121180 bytes
>mailscanner[5744]: Spam Checks: Starting
>mailscanner[5744]: Virus and Content Scanning: Starting
>mailscanner[5744]: Infected:
>mailscanner[5744]: Info:      W32.Klez.H at mm
>mailscanner[5744]: Virus Scanning: symcmd found 1 infections
>mailscanner[5744]: Virus Scanning: Found 1 viruses
>mailscanner[5744]: Uninfected: Delivered 1 messages
>It looks like mailscanner did recognize that the virus scanner (called
>symcmd here) found a virus, but the last line seems to show it regards
>it uninfected and sends it along as such.
>The received messages has the infected file attached and mailscanner has
>tagged the messages as "Found to be clean".
>If this is a simple conf file issue, I'll feel stupid, but thankful.
>Thomas J. DuVally
>Lead Systems Prog.
>CIS, Brown Univ.

Julian Field
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list