Mailscanner/Sophos detecting fewer and fewer viruses every day???
Antony Stone
Antony at SOFT-SOLUTIONS.CO.UK
Fri Aug 8 20:23:41 IST 2003
On Friday 08 August 2003 8:00 pm, f ewf wrote:
> My mailscanner installation is exhibiting behavior which may be symptoms of
> malfunctioning. When I first installed mailscanner + sophos three weeks
> ago mailscanner-mrtg reported 840 finds the first day, 840 the second, 620
> the third, 420 the fourth, 250 the fifth, 210 the sixth.
>
> Are these normal virus detection patterns, or is something configured
> incorrectly or malfunctioning?
If you're doubtful about whether Sophos is working correctly, try adding
another virus scanning engine to the system and see if anything gets picked
up by one and not the other. I recommend you try ClamAV - it's free, it's
Open Source, and in the past few months it's become tremendously better, with
some pretty prompt updates in the past few weeks as well.
One possible explanation for your diminishing virus detection rates is that
internal machines are not getting infected and then trying to send the
viruses out again? What anti-virus measures did you have in place before
implementing MailScanner & Sophos?
> What percentage of mail, on average, is a virus?
That depends a lot on whether you're measuring incoming or outgoing mail, or
both. I see something like 2%, for both inbound & outbound mail (but I have
no idea whether that's considered "normal").
Regards,
Antony.
--
If the human brain were so simple that we could understand it,
we'd be so simple that we couldn't.
More information about the MailScanner
mailing list