F-secure logging

Lewis Bergman lbergman at wtxs.net
Tue Nov 5 12:57:27 GMT 2002


On Tuesday 05 November 2002 03:01 am, Carl Boberg wrote:
> Hi,
>
> Im trying really hard to make my F-secure log to the maillog as other
> scanners do, like:
>
> Nov  4 17:15:31 host-2 MailScanner[1163]: >>> Virus 'W32/Klez-H' found in
> file ./gA4HFT803745/coords.scr
>
> (this is a Sophos log entry)
>
> Has anyone any knowledge about how this could be done?
Well, The code that does the following should be in the next release I would
guess.

Nov  5 06:52:41 ns2 MailScanner[8374]: Virus and Content Scanning: Starting
Nov  5 06:52:41 ns2 MailScanner[8374]:
/var/spool/MailScanner/incoming/8374/gA5Cqch11332/eicar_com.zip->eicar.com
Infection: EICAR_Test_File
Nov  5 06:52:41 ns2 MailScanner[8374]: Virus Scanning: F-Prot found virus
EICAR_Test_File
Nov  5 06:52:41 ns2 MailScanner[8374]: Virus Scanning: f-prot found 1
infections
Nov  5 06:52:41 ns2 MailScanner[8374]: Virus Scanning: Found 1 viruses
Nov  5 06:52:41 ns2 MailScanner[8374]: Saved infected "eicar_com.zip" to
/var/spool/MailScanner/quarantine/20021105/gA5Cqch11332

This is with f-prot but my output from the wrapper looks identical to yours so
I would guess you might get the same output.
--
Lewis Bergman
Texas Communications
4309 Maple St.
Abilene, TX 79602-8044
915-695-6962 ext 115



More information about the MailScanner mailing list