Virus repot e-mail
Mike Klinkert
michael at NOMENNESCIO.NET
Sun Jun 30 10:21:17 IST 2002
Hi again,
I've got another question. It's something that's not changed recently,
it's been like this since I've start using MailScanner (couple of
months). When an e-mail is sent with a double extension for instance,
the recipient receives a message with all the correct data (Sender,
Recipient, Subject, etc.). However, when a virus has been detected, the
message that is sent to the recipient (as well as the local postmaster),
does not contain all the correct data:
The following e-mail messages were found to have viruses in them:
Sender:
Recipient:
Subject:
MessageID: opt
Report: /opt/MailScanner-3.20-6/var/incoming/g5PHvNM14712/msg-3653-71.html Found application Exploit-MIME.gen.b.
/opt/MailScanner-3.20-6/var/incoming/g5PHvNM14712/LANGSPEELPLATEN Found the W32/Yaha.g at MM virus !!!
--
MailScanner
Email Virus Scanner
As you can see, the Sender, Recipient and Subject are all empty and the
MessageID is *always* "opt". When I look in
/opt/MailScanner/var/quarantine/<DATE>, I also notice a directory "opt",
as well as a directory which contains the viruses.
I'm using mcafee (installed in /opt/mcafee, I change the mcafeewrapper
script accordingly), for more details see a previous message to with I
attached the mailscanner.conf.linux.
BTW, the above report is an older message, since I now use
MailScanner-3.21-1.
--
Mike.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3315 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20020630/f45f0d28/smime.bin
More information about the MailScanner
mailing list