NOD32 2.01 with MailScanner not working yet...

Richard Bourque richard.bourque at MELLOUL.COM
Tue May 25 13:28:38 IST 2004


It doesn't look like nod32 2.01 is working with MailScanner yet.  When I
send through a zip file containing eicar.exe, a rar file containing
eicar.exe and a clean zip file containing a normal exe it catches it in
the logs but lets it through!  When I switch back to sophossavi everything
works okay.  This occurs with version 4.31.2-1.

Julian's pretty busy, and I'm more of a C++, C# programmer, so has anyone
else solved this problem?  Julian suspects it's in the ProcessNOD32Output
function, but I can't make heads or tails of it.  (yes, I will have to
learn Perl soon!)

May 19 15:30:49 gateway-c MailScanner[23454]: New Batch: Scanning 1 messages, 46700 bytes
May 19 15:30:49 gateway-c MailScanner[23454]: MCP Checks: Starting
May 19 15:30:49 gateway-c MailScanner[23462]: Using locktype = posix
May 19 15:30:49 gateway-c MailScanner[23462]: Creating hardcoded struct_flock subroutine for linux (Linux-type)
May 19 15:30:50 gateway-c MailScanner[23454]: MCP Checks completed at 46700 bytes per second
May 19 15:30:50 gateway-c MailScanner[23454]: Spam Checks: Starting
May 19 15:31:15 gateway-c MailScanner[23454]: Spam Checks completed at 1868 bytes per second
May 19 15:31:16 gateway-c MailScanner[23454]: Virus and Content Scanning: Starting
May 19 15:31:18 gateway-c MailScanner[23454]: ./1BQWm7-00066P-Da/eicar.rar - Eicar test file
May 19 15:31:18 gateway-c MailScanner[23454]:   ./1BQWm7-00066P-Da/eicar.rar -> RAR -> eicar.exe - Eicar test file
May 19 15:31:18 gateway-c MailScanner[23454]: ./1BQWm7-00066P-Da/eicar.zip - Eicar test file
May 19 15:31:18 gateway-c MailScanner[23454]:   ./1BQWm7-00066P-Da/eicar.zip -> ZIP -> eicar.exe - Eicar test file
May 19 15:31:18 gateway-c MailScanner[23454]: Virus Scanning: Nod32 found 4 infections
May 19 15:31:18 gateway-c MailScanner[23454]: Infected message 1BQWm7 came from
May 19 15:31:18 gateway-c MailScanner[23454]: Virus Scanning: Found 4 viruses
May 19 15:31:18 gateway-c MailScanner[23454]: Filename Checks: Allowing 1BQWm7-00066P-Da msg-23454-1.txt
May 19 15:31:18 gateway-c MailScanner[23454]: Filename Checks: Allowing 1BQWm7-00066P-Da msg-23454-2.html (no rule matched)
May 19 15:31:18 gateway-c MailScanner[23454]: Filename Checks: Allowing 1BQWm7-00066P-Da eicar.rar (no rule matched)
May 19 15:31:18 gateway-c MailScanner[23454]: Filename Checks: Allowing 1BQWm7-00066P-Da eicar.zip
May 19 15:31:18 gateway-c MailScanner[23454]: Filename Checks: Allowing 1BQWm7-00066P-Da lgxcom.zip
May 19 15:31:18 gateway-c MailScanner[23454]: Filetype Checks: Allowing 1BQWm7-00066P-Da eicar.zip
May 19 15:31:18 gateway-c MailScanner[23454]: Filetype Checks: Allowing 1BQWm7-00066P-Da msg-23454-2.html
May 19 15:31:19 gateway-c MailScanner[23454]: Filetype Checks: Allowing 1BQWm7-00066P-Da lgxcom.zip
May 19 15:31:19 gateway-c MailScanner[23454]: Filetype Checks: Allowing 1BQWm7-00066P-Da eicar.rar
May 19 15:31:19 gateway-c MailScanner[23454]: Filetype Checks: Allowing 1BQWm7-00066P-Da msg-23454-1.txt
May 19 15:31:19 gateway-c MailScanner[23454]: Virus Scanning completed at 15566 bytes per second
May 19 15:31:19 gateway-c MailScanner[23454]: Uninfected: Delivered 1 messages
May 19 15:31:19 gateway-c MailScanner[23454]: Virus Processing completed at 46700 bytes per second
May 19 15:31:19 gateway-c MailScanner[23454]: Disinfection completed at 46700 bytes per second
May 19 15:31:19 gateway-c MailScanner[23454]: Batch completed at 1556 bytes per second (46700 / 30)

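A log check for the failure described in this post, added here as an example and not part of the original message or of MailScanner: it flags any batch that delivered more messages as "Uninfected" than remained after subtracting the messages logged as infected. It assumes the three log line formats seen in the post's log; the name `audit` and the second sample batch are constructed for illustration.

```python
import re

LINE = re.compile(r"MailScanner\[(\d+)\]: (.*)")
NEW_BATCH = re.compile(r"New Batch: Scanning (\d+) messages")
INFECTED = re.compile(r"Infected message (\S+) came from")
DELIVERED = re.compile(r"Uninfected: Delivered (\d+) messages")

def audit(lines):
    """Return one finding per batch where the 'Uninfected: Delivered'
    count exceeds batch size minus messages logged as infected."""
    state = {}      # pid -> {"size": int, "infected": set of message ids}
    findings = []
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        pid, msg = m.group(1), m.group(2)
        if (b := NEW_BATCH.match(msg)):
            # A new batch on this worker resets what we know about it.
            state[pid] = {"size": int(b.group(1)), "infected": set()}
        elif pid in state and (i := INFECTED.match(msg)):
            state[pid]["infected"].add(i.group(1))
        elif pid in state and (d := DELIVERED.match(msg)):
            batch = state[pid]
            delivered = int(d.group(1))
            # Spam actions can lower the delivered count, so only
            # over-delivery is treated as a scanner/parser disagreement.
            if delivered > batch["size"] - len(batch["infected"]):
                findings.append({"pid": pid, "batch_size": batch["size"],
                                 "infected": sorted(batch["infected"]),
                                 "delivered": delivered})
    return findings

# First batch: lines taken from the log in the post (abridged).
# Second batch: constructed, shows a batch that behaves correctly.
SAMPLE = """\
May 19 15:30:49 gateway-c MailScanner[23454]: New Batch: Scanning 1 messages, 46700 bytes
May 19 15:31:18 gateway-c MailScanner[23454]: Virus Scanning: Nod32 found 4 infections
May 19 15:31:18 gateway-c MailScanner[23454]: Infected message 1BQWm7 came from
May 19 15:31:19 gateway-c MailScanner[23454]: Uninfected: Delivered 1 messages
May 19 15:40:02 gateway-c MailScanner[23999]: New Batch: Scanning 2 messages, 9100 bytes
May 19 15:40:05 gateway-c MailScanner[23999]: Infected message 1BQXaa came from
May 19 15:40:06 gateway-c MailScanner[23999]: Uninfected: Delivered 1 messages
""".splitlines()

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("infected but delivered:", f)
```

Run against the mail log after changing the virus scanner or upgrading MailScanner, with the EICAR test messages sent through first.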