Virus being missed. (assumed)

Scott Silva ssilva at SGVWATER.COM
Mon Mar 7 19:26:58 GMT 2005

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Matt Kettler wrote:
> At 01:30 PM 3/4/2005, David Curtis wrote:
>> I think I have a virus that is being missed by mailscanner/clamav.
>> Mailscanner tags it as spam: X-SBSD-MailScanner-SpamCheck: spam,
>> SpamAssassin (score=7.065, required 3.75,
>>  BAYES_60 0.37, DCC_CHECK 2.17, HTML_90_100 0.02, HTML_MESSAGE 0.00,
>> The attachment has a rar file seams to be a randomly generated number
>> with
>> a file dddd.exe in it.
> Do you have the external unrar utility installed? (note: the latest version
> of rar costs, but there is a freeware command-line unrar for *nix)
> See:
> ClamAV's built-in rar support doesn't support the newer rar3 format, so you
> need to install the external unrar utility and then
> edit  /usr/lib/MailScanner/clamav-wrapper to enable the --unrar parameter.
> You can use this site to send a rared eicar file.. It wasn't caught by
> clamav until I added external unrar support.

I guess this is another plug for having multiple virus scanners installed.
The above test from info-techs gets stopped by McAfee and BitDefender.

"If you have ever eaten crow,
It don't taste like chicken!!"

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list