Sophos and Corrupt Files

Julian Field mailscanner at
Wed Feb 5 21:04:18 GMT 2003

At 19:04 05/02/2003, you wrote:
>The point is, we do see them here.  On the grand scheme of things, the
>number of corrupted documents is a small number compared to the number of
>documents that are fine and scan properly... but the ones that scan fine
>aren't the ones that complain to our Support Center.  It further doesn't
>help when I can take some of these documents and look at them fine with
>Acrobat Reader, but any other PDF tool won't even touch them... From the
>perspective of the users, who mostly use Reader around here), the file
>is okay and not corrupted, but the emails are saying they contain viruses
>(and they don't seem to read what the message actually says, which says
>the document is corrupt).  They see the {Virus?} in the subject line and
>basically freak out.  *shakes head*
>Anyways, maybe the newer verson of Sophos (3.66a) will help.
>-----Original Message-----
>>From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
>>Behalf Of Scott Adkins
>>   2) When Sophos comes back and says that the document couldn't be scanned
>>      for whatever reason, MailScanner simply labels the file as a virus
>>and      moves on.  I don't agree with this, as I think the administrator
>>is      the one that should decide how to handle these situations.  This
>>is      no different than how external MIME attachments are handled, since
>>      those attachments can't be scanned by the virus scanner as well.
>>What are the solutions to this problem?
>>   2) MailScanner should give us the option to allow documents that are
>>      unable to be scanned by the virus scanner through.  We are getting a
>>      lot of calls about this now to our Support Center, and it is being
>>      pushed through the higher ranks.  We are an educational institution,
>>      and what we think may be the right answer (i.e. no external MIME
>>      attachments, do filename checking, etc etc), politics dictate the
>>      policies.  Anyways, I think we need an option in the config file to
>>      allow these documents through.

Please try 3.66a to see if it improves things.
But if you want a list of allowable words to appear in the brackets after
the attachment name, just for Sophos use, then I could add that for you. It
would probably be a patch to start with, so you can try it out.

I would really like to see a resolution to this problem too :-)

Let me know what you think.
Julian Field
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list