Lots of MAILER-DAEMON messages
Julian Field
mailscanner at ecs.soton.ac.uk
Wed Aug 6 23:55:54 IST 2003
At 23:14 06/08/2003, you wrote:
>I installed MailScanner 3.21
3.21 has got to be over a year old, and is no longer actively supported.
There is an installation guide for version 4 on www.mailscanner.info and I
would recommend you remove version 3 and install version 4 instead, unless
you really have put a lot of time into it and are prepared to run with a
very old version.
> a couple of days ago on my Cobalt RaQ4r
>(Linux) and it has been working fine, however, ever since I have been
>receiving a lot of messages generated only to me and not any users
>(thank you). I'm sure I am getting the messages because they all seem to
>be related to undeliverable messages after trying the local host name
>for delivery, which is my mailboxes.
>
>Anyway, there are basically two messages that get generated constantly
>throughout the day. The first tells me that I have sent a virus, which I
>haven't:
>
>========================START MESSAGE
>From: "MailScanner" <postmaster>
>To: <me at example.com>
>Subject: Warning: E-mail viruses detected
>Our virus detector has just been triggered by a message you sent:-
> To: <fr at hre.e>
> Subject: (On many systems, the PPP Adapter is
> Date: Wed Aug 6 18:00:46 2003
>Any infected parts of the message have not been delivered.
>
>This message is simply to warn you that your computer system may have a
>virus present and should be checked.
>
>The virus detector said this about the message:
>Report: /home/spool/MailScanner/incoming/h76M0Df02980/has.bat
>Infection: W32/Klez.H at mm Batch files are often mailicious in has.bat
3.21 might (I can't remember) have a concept of "Silent Viruses" in the
configuration file. If it does, then add Klez to the list. Also, it is
banning "*.bat" files due to a rule saying that in filename.rules.conf.
>MailScanner
>Email Virus Scanner
>www.mailscanner.info
>========================END MESSAGE
>
>The second is a non-delivery message from MAILER-DAEMON:
>
>========================START MESSAGE
>From: Mail Delivery Subsystem <MAILER-DAEMON>
>To: postmaster
>Subject: Returned mail: see transcript for details
>Auto-Submitted: auto-generated (failure)
>The original message was received at Wed, 6 Aug 2003 18:03:40 -0400 from
>Stinson39 at Stinson.cpe.abrn.al.charter.com [68.119.76.158]
>
> ----- The following addresses had permanent fatal errors -----
><fr at hre.e>
> (reason: system config error)
>
> ----- Transcript of session follows -----
>553 5.3.5 hre.e.example.com. config error: mail loops back to me (MX
>problem?) 554 5.3.5 <fr at hre.e>... Local configuration error
>========================END MESSAGE
That implies that your mail configuration is wrong. Check the DNS records
for your domain, particularly the MX records. Also, use a command such as
"sendmail -bv fr at hre.e" to see how it thinks it is going to deliver that
message.
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list