New beta release (F-Prot and Sophos/SAVI)

Julian Field mailscanner at ecs.soton.ac.uk
Sat Mar 29 20:50:04 GMT 2003 

At 19:50 29/03/2003, you wrote:
>Mar 29 20:36:50 master MailScanner[8187]: MailScanner E-Mail Virus Scanner
>version 4.14-8 starting...
>Mar 29 20:36:50 master MailScanner[8187]: Error in configuration file line
>264, directory /usr/local/Sophos/ide for sophoside does not exist (or is
>not readable)
>Mar 29 20:37:00 master MailScanner[8209]: MailScanner E-Mail Virus Scanner
>version 4.14-8 starting...
>Mar 29 20:37:00 master MailScanner[8209]: Error in configuration file line
>264, directory /usr/local/Sophos/ide for sophoside does not exist (or is
>not readable)

To fix that, in ConfigDefs.pl move the sophoside and sophoslib lines to the
"Simple,Other" section instead of the "Simple,Dir" section.

>I also noticed when i use the new setting:
>
>Include Scanner Name In Reports = yes
>
>It only reported one virus in the log, but i sended a test zip with 6. :)
>
>Mar 29 20:43:29 master MailScanner[8749]: Virus Scanning: F-Prot found
>virus W32/Klez.H at mm
>Mar 29 20:43:29 master MailScanner[8749]: Virus Scanning: f-prot found 6
>infections
>Mar 29 20:43:29 master MailScanner[8749]: Virus Scanning: Found 6 viruses
>
>In the report file its okay:
>
>     Report:
>
>             F-Prot:
>/var/spool/MailScanner/incoming/8749/h2TJhO209027/scanner.zip->MSO-Patch-0071.exe
>Infection:W32/Lirva.D at mm
>             F-Prot:
>/var/spool/MailScanner/incoming/8749/h2TJhO209027/scanner.zip->name.exe
>Infection: W32/Klez.H at mm
>             F-Prot:
>/var/spool/MailScanner/incoming/8749/h2TJhO209027/scanner.zip->setup.exe
>Infection: W32/Klez.H at mm
>             F-Prot:
>/var/spool/MailScanner/incoming/8749/h2TJhO209027/scanner.zip->SQL_4_Free.scr
>Infection: W32/Lentin.H at mm
>             F-Prot:
>/var/spool/MailScanner/incoming/8749/h2TJhO209027/scanner.zip->width.pif
>Infection: W32/Klez.H at mm
>             F-Prot:
>/var/spool/MailScanner/incoming/8749/h2TJhO209027/scanner.zip->you.exe
>Infection: W32/Klez.H at mm
>
>But i guess the others also should be added in the logfile ? And not only
>reporting it found one Klez, in fact it found 4 x Klez, 1 x Lentin and 1 x
>Lirva...

Not sure about that one, something odd must be happening. It's only
cosmetic though...


>Besides that its running ok it seems :)
>
>To keep all the same i would also suggest to convert the one lowercase:
>
>Virus Scanning: f-prot found 6 infections
>
>Into
>
>Virus Scanning: F-prot found 6 infections

--- SweepViruses.pm    Sat Mar 29 15:47:30 2003
+++ SweepViruses.pm.new     Sat Mar 29 20:13:21 2003
@@ -490,7 +493,8 @@
                                 $rCounter, $disinfect);
      $counter += $result;
      MailScanner::Log::InfoLog("%s: %s found %d infections", $logtitle,
-                              $scanner, $$rCounter) if $$rCounter;
+                              $Scanners{$scanner}{Name}, $$rCounter)
+      if $$rCounter;
    }

    return $counter;



>   =)
>
>Bye,
>Raymond.

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list