F-secure logging
Julian Field
mailscanner at ecs.soton.ac.uk
Tue Nov 5 14:53:06 GMT 2002
I have just added virus name logging for F-Secure.
Please don't all ask for the others, some of them are almost impossible due
to badly-designed virus scanner output by the manufacturers.
At 12:57 05/11/2002, you wrote:
>On Tuesday 05 November 2002 03:01 am, Carl Boberg wrote:
> > Hi,
> >
> > Im trying really hard to make my F-secure log to the maillog as other
> > scanners do, like:
> >
> > Nov 4 17:15:31 host-2 MailScanner[1163]: >>> Virus 'W32/Klez-H' found in
> > file ./gA4HFT803745/coords.scr
> >
> > (this is a Sophos log entry)
> >
> > Has anyone any knowledge about how this could be done?
>Well, The code that does the following should be in the next release I would
>guess.
>
>Nov 5 06:52:41 ns2 MailScanner[8374]: Virus and Content Scanning: Starting
>Nov 5 06:52:41 ns2 MailScanner[8374]:
>/var/spool/MailScanner/incoming/8374/gA5Cqch11332/eicar_com.zip->eicar.com
>Infection: EICAR_Test_File
>Nov 5 06:52:41 ns2 MailScanner[8374]: Virus Scanning: F-Prot found virus
>EICAR_Test_File
>Nov 5 06:52:41 ns2 MailScanner[8374]: Virus Scanning: f-prot found 1
>infections
>Nov 5 06:52:41 ns2 MailScanner[8374]: Virus Scanning: Found 1 viruses
>Nov 5 06:52:41 ns2 MailScanner[8374]: Saved infected "eicar_com.zip" to
>/var/spool/MailScanner/quarantine/20021105/gA5Cqch11332
>
>This is with f-prot but my output from the wrapper looks identical to yours so
>I would guess you might get the same output.
>--
>Lewis Bergman
>Texas Communications
>4309 Maple St.
>Abilene, TX 79602-8044
>915-695-6962 ext 115
--
Julian Field Teaching Systems Manager
jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
Tel. 023 8059 2817 University of Southampton
Southampton SO17 1BJ
More information about the MailScanner
mailing list