Silent viruses are silent in logs as well?

Antony Stone Antony at SOFT-SOLUTIONS.CO.UK
Wed Jul 2 16:33:22 IST 2003

Hi all (and Julian in particular :)  )

Looking through my syslog files today I found something I think is strange,
and I'm not sure whether it qualifies as a bug or a feature of MailScanner :)

I use Clam (+ others) for antivirus scanning, and it says "FOUND" whenever a
virus is detected.

I grepped my syslog messages file for "FOUND" and got 27 entries for today.

Then I grepped for the MailScanner message "Virus Scanning: Found" and got 2
responses (both found only 1 virus).

It turns out the 2 occurrences of "Virus Scanning: Found 1 viruses" were for
viruses which aren't in my "Silent" list - all the other Clam messages were
for Sobig, which is listed as silent.

Is it correct that a silent virus isn't even reported as Found in the syslogs?

I think I'd prefer it if my syslogs told me everything my server had found,
even if it doesn't try to bounce back to the (false) sender...




Perfection in design is achieved not when there is nothing left to add,
but rather when there is nothing left to take away.

 - Antoine de Saint-Exupery

More information about the MailScanner mailing list