problem with rules file
Martin Hierling
martin.hierling at fh-luh.de
Mon Aug 11 18:09:44 IST 2003
Hi List,
i´ve
Virus Scanning = %etc-dir%/rules/Virus_Scanning.rules
in my Mailscanner Config.
Thr rules file looks like:
To: martin at domain.de no
To: test at domain.de no
To: *@domain.de yes
# default score
To: default no
but mails send to test at domain.de get scanned!
Aug 11 16:59:02 vs3 MailScanner[818]: New Batch: Scanning 1 messages, 46728 bytes
Aug 11 16:59:02 vs3 MailScanner[818]: Spam Checks: Starting
Aug 11 16:59:03 vs3 MailScanner[818]: Virus and Content Scanning: Starting
Aug 11 16:59:04 vs3 MailScanner[818]: /var/spool/MailScanner/incoming/818/./19mG0P-0001Fv-3V/Transcripts.zip: Lirva-C FOUND
Aug 11 16:59:04 vs3 MailScanner[818]: Virus Scanning: ClamAV found 1 infections
Aug 11 16:59:04 vs3 MailScanner[818]: Virus Scanning: Found 1 viruses
Aug 11 16:59:04 vs3 MailScanner[818]: Filename Checks: Allowing msg-818-4.txt
Aug 11 16:59:04 vs3 MailScanner[818]: Filename Checks: Allowing Transcripts.zip
Aug 11 16:59:04 vs3 MailScanner[818]: Filetype Checks: No executables (Transcripts.zip)
Aug 11 16:59:04 vs3 MailScanner[818]: Filetype Checks: Allowing msg-818-4.txt
Aug 11 16:59:04 vs3 MailScanner[818]: Other Checks: Found 1 problems
Aug 11 16:59:04 vs3 MailScanner[818]: Saved entire message to /var/spool/MailScanner/quarantine/20030811/19mG0P-0001Fv-3V
Aug 11 16:59:04 vs3 MailScanner[818]: Saved infected "Transcripts.zip" to /var/spool/MailScanner/quarantine/20030811/19mG0P-0001Fv-3V
Aug 11 16:59:04 vs3 MailScanner[818]: Cleaned: Delivered 1 cleaned messages
Aug 11 16:59:04 vs3 MailScanner[818]: Notices: Warned about 1 messages
Entrys from Exim.log:
2003-08-11 16:58:49 19mG0P-0001Fv-3V <= mad at cc.fh-lippe.de H=uhura.cc.fh-lippe.de [193.16.112.77]:50532 P=esmtp S=46257 id=m19mG0K-0026g2C at sulu.cc.fh-lippe.de T="test1234" from <mad at cc.fh-lippe.de> for test at domain.de
2003-08-11 16:59:04 19mG0P-0001Fv-3V => test at domain.de F=<mad at cc.fh-lippe.de> R=force_path T=remote_smtp S=3360 H=epikur.domain.de [10.1.1.1] C="250 OK id=19mG0e-0001Gz-00"
2003-08-11 16:59:04 19mG0P-0001Fv-3V Completed
so, am i blind...? The Mail shoudn´t get scanned, right?
regards Martin
--
----------------------------------------------------------------
Verbosity leads to unclear, inarticulate things.
----------------------------------------------------------------
More information about the MailScanner
mailing list