MS reports not being sent to users
Eduardo Almeida
eduardo_simpsom_rj at YAHOO.COM.BR
Thu Aug 19 03:00:24 IST 2004
Hi all,
I'm installing MS with sendmail in a client and i'm having some
problems. When a message came with a blocked attachment the user don't
receive the stored.filename.message.txt file.
I'm using MS 4.31.6 in a Debian sarge environment.
The log follows:
Aug 18 22:31:03 msmachine sm-mta[7040]: i7J1UNBC007040:
from=<eduardo_simpsom_rj at yahoo.com.br>, size=282816, class=0, nrcpts=1,
msgid=<1092879007.4182.4.camel at xxx.xxx.xxx>, proto=SMTP, daemon=MTA,
relay=200165128064.user.veloxzone.com.br [200.165.128.64]
Aug 18 22:31:03 msmachine sm-mta[7040]: i7J1UNBC007040:
to=<localaddress at client.domain.com>, delay=00:00:39, mailer=smtp,
pri=312816, stat=queued
Aug 18 22:31:03 msmachine MailScanner[7043]: New Batch: Scanning 1
messages, 283372 bytes
Aug 18 22:31:03 msmachine MailScanner[7043]: Spam Checks: Starting
Aug 18 22:31:06 msmachine MailScanner[7044]: Using locktype = flock
Aug 18 22:31:14 msmachine MailScanner[7043]: Virus and Content Scanning:
Starting
Aug 18 22:31:14 msmachine MailScanner[7043]: Filename Checks:
Windows/DOS Executable (i7J1UNBC007040 alcupd.exe)
Aug 18 22:31:14 msmachine MailScanner[7043]: Filename Checks: Allowing
i7J1UNBC007040 msg-7043-1.txt
Aug 18 22:31:14 msmachine MailScanner[7043]: Other Checks: Found 1
problems
Aug 18 22:31:14 msmachine MailScanner[7043]: Saved entire message
to /var/spool/MailScanner/quarantine/20040818/i7J1UNBC007040
Aug 18 22:31:14 msmachine MailScanner[7043]: Saved infected "alcupd.exe"
to /var/spool/MailScanner/quarantine/20040818/i7J1UNBC007040
Aug 18 22:31:14 msmachine sendmail[7050]: i7J1VEno007050:
from=postmaster, size=974, class=0, nrcpts=1,
msgid=<200408190131.i7J1VEno007050 at msmachine.client.domain.com>,
relay=root at localhost
Aug 18 22:31:14 msmachine sendmail[7050]: STARTTLS=client, relay=
[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-
SHA, bits=256/256
Aug 18 22:31:14 msmachine sm-mta[7051]: STARTTLS=server,
relay=localhost.localdomain [127.0.0.1], version=TLSv1/SSLv3,
verify=NOT, cipher=DHE-RSA-AES256-SHA, bits=256/256
Aug 18 22:31:14 msmachine sm-mta[7051]: i7J1VEKY007051:
from=<postmaster at msmachine.disec.com.br>, size=1273, class=0, nrcpts=1,
msgid=<200408190131.i7J1VEno007050 at msmachine.client.domain.com>,
proto=ESMTP, daemon=MSA, relay=localhost.localdomain [127.0.0.1]
Aug 18 22:31:14 msmachine sendmail[7050]: i7J1VEno007050: to=postmaster,
delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30974, relay=
[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (i7J1VEKY007051 Message
accepted for delivery)
Aug 18 22:31:14 msmachine MailScanner[7043]: Notices: Warned about 1
messages
Aug 18 22:31:14 msmachine MailScanner[7043]: New Batch: Scanning 1
messages, 1896 bytes
Aug 18 22:31:14 msmachine MailScanner[7043]: Spam Checks: Starting
Aug 18 22:31:29 msmachine MailScanner[7043]: Virus and Content Scanning:
Starting
Aug 18 22:31:29 msmachine MailScanner[7043]: Filename Checks: Allowing
i7J1VEKY007051 msg-7043-2.txt
Aug 18 22:31:29 msmachine MailScanner[7043]: Uninfected: Delivered 1
messages
Aug 18 22:31:29 msmachine sendmail[7058]: i7J1VEKY007051: to=root,
delay=00:00:15, xdelay=00:00:00, mailer=local, pri=121273, dsn=2.0.0,
stat=Sent
As you can see the message cames to the msmachine with an .exe
attachment and is correctly detected by MS, but after the checks the
message goes to quarantine and a notice to the sysadmin (postmaster in
localhost) is sent. And no notification to the user is sent at all.
Can anyone help me eith this?
Thanks.
Best regards,
--
Eduardo Almeida <eduardo_simpsom_rj at yahoo.com.br>
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
More information about the MailScanner
mailing list