syslog reporting of viruses found
Julian Field
jkf at ecs.soton.ac.uk
Fri Jan 4 15:22:48 GMT 2002
At 15:19 04/01/2002, you wrote:
>I have noticed that if a file extension is being blocked (e.g. \.exe$)
>and an infected attachment arrives with that extension (e.g.
>zacker.exe), the syslog report says that there are two viruses found:
>
>Jan 4 08:14:29 mail2.ihs.com mailscanner[25522]: >>> Virus
>'W32/Maldal-G' found in file ./g04FEIrM025524/ZaCker1.exe
>Jan 4 08:14:29 mail2.ihs.com mailscanner[25522]: .exe file in
>ZaCker1.exe
>Jan 4 08:14:29 mail2.ihs.com mailscanner[25522]: Found 2 viruses in
>messages g04FEIrM025524
>
>This isn't a big deal, but just wanted to make you aware of it, if you
>weren't already.
I decided not to change it as doing so would break people's automatic log
analysis scripts.
> I do like the fact that the syslog now reports when
>attachments are quarantined due to the filename.rules.conf file.
>
>Thanks,
>
>Dustin Baer
>Unix Administrator
>Information Handling Services
>15 Inverness Way East
>Englewood, CO 80112
>303-397-2836
--
Julian Field Teaching Systems Manager
jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
Tel. 023 8059 2817 University of Southampton
Southampton SO17 1BJ
More information about the MailScanner
mailing list