Silent viruses not silent anymore

Mon May 5 15:15:32 IST 2003

Hello,

I am running mailscanner-4.14-9 and just found out that the silent virus
setting is not working:
Silent Viruses = /etc/MailScanner/rules/viruses.to.delete.conf

# cat /etc/MailScanner/rules/viruses.to.delete.conf 
FromorTo: default W32/Klez W32/Yaha W32/Bugbear at MM W32/Braid W32/Korvar W32/Sobig W32/Lirva W32/Avril W32/Ganda W32/Lovgate W32/Gibe.gen at MM

I tried both with a Yaha and Gibe virus and I received 2 warnings.

Could this be related to a mod I made to SweepViruses.pm to translate
McAfee output to French (this used to work with previous versions):

# diff SweepViruses.pm SweepViruses.pm.orig
919,926d918
<   # Modif de Denis Beauchemin le 20021210
<   $currentline =~ s/Found the (.*) (virus) !!!/contient le \2 \1 !!!/;
<   $currentline =~ s/Found the (.*) worm !!!/contient le ver \1 !!!/;
<   # Modif de Denis Beauchemin le 20030103
<   $currentline =~ s/Found the (.*) trojan !!!/contient le cheval de Troie \1 !!!/;
<   # Modif de Denis Beauchemin le 20030313
<   $currentline =~ s/Found trojan or variant (.*) !!!/contient le cheval de Troie \1 !!!/;
<

Here is an excerpt from my log:
May  5 09:47:43 MailScanner[32466]: Virus and Content Scanning: Starting
May  5 09:47:44 MailScanner[32466]: McAfee said "/var/spool/MailScanner/incoming/32466/h45DldY00518/gibe.exe"
May  5 09:47:44 MailScanner[32466]: McAfee said "        Found the W32/Gibe.gen at MM virus !!!"
May  5 09:47:44 MailScanner[32466]: /h45DldY00518/gibe.exe        contient le virus W32/Gibe.gen at MM !!!
May  5 09:47:44 MailScanner[32466]: Virus Scanning: McAfee found 1 infections
May  5 09:47:44 MailScanner[32466]: Virus Scanning: Found 1 viruses
May  5 09:47:44 MailScanner[32466]: Filename Checks: Fichiers EXE dangereux (gibe.exe)
May  5 09:47:44 MailScanner[32466]: Other Checks: Found 1 problems
May  5 09:47:44 MailScanner[32466]: Saved infected "gibe.exe" to /quarantaine/usherbrooke/20030505/h45DldY00518
May  5 09:47:44 MailScanner[32466]: Uninfected: Delivered 2 messages
May  5 09:47:44 MailScanner[32466]: Cleaned: Delivered 1 cleaned messages
May  5 09:47:44 MailScanner[32466]: Sender Warnings: Delivered 1 warnings to virus senders

Thanks again!

Denis
-- 
Denis Beauchemin, analyste
Université de Sherbrooke, S.T.I.
T: 819.821.8000x2252 F: 819.821.8045