SV: SV: SV: Changing konfiguration....... Warning!!

Julian Field mailscanner at
Sat Jul 13 15:35:41 IST 2002


Sorry, but this patch is fundamentally broken.
Messages are handled in batches, and in your code the commercial virus 
checker is called
         if scanning switched on
         and NoScanOnFile = off
         and number of infections found by filename.rules for whole batch 
of messages = 0
So if *any* of the messages were caught by filename.rules.conf, the 
expression above will be false and hence the commercial checkers will not 
be called for any message in the batch.

So if you get 5 messages in a batch, and 1 of them triggers a 
filename.rules.conf trap, then *none* of them will be scanned for viruses!

As a result viruses will get through MailScanner whenever your server is 
put under any significant load.

At 15:19 09/07/2002, you wrote:
>I havent had time to try it yet.....I was gona mail back and ask
>you how to apply it but been to busy at work
>As I said, Im newbie at unix so I really need a howto aproach =)
>Im still doing some fine fixing on mailscann but I have to
>put my normal work in prority  =)
> > -----Ursprungligt meddelande-----
> > Från: tal at MUSICGENOME.COM [mailto:tal at MUSICGENOME.COM]
> > Skickat: den 9 juli 2002 16:15
> > Ämne: Re: SV: SV: Changing konfiguration.......
> >
> >
> > Security warning. Details in WARNING.TXT about the possible problem.
> > --------------------------------------------------------------------
> > btw... did that patch work properly, or does it need fixing?
> > --
> > Tal Kelrich
> >
> > PGP Fingerprint: 3EDF FCC5 60BB 4729 AB2F  CAE6 FEC1 9AAC 12B9 AA69
> > PGP key-id: 12B9AA69
> >
> >

Julian Field                Teaching Systems Manager
jkf at         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ

More information about the MailScanner mailing list