Problems with Bitdefender

Denis Beauchemin Denis.Beauchemin at USHERBROOKE.CA
Tue May 31 16:39:49 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Denis Beauchemin wrote:

> Hello,
>
> I run Bitdefender and McAfee on my MS servers (4.35.5 and 4.34.4).  
> This morning I noticed my quarantine dir getting bigger.
>
> Since I don't quarantine virus infected messages, it had to be 
> something else.  Turns out it was an undetected virus by McAfee 
> (another one).  Bitdefender was catching it (last updated this morning 
> at 10:41 and file was quarantined at 11:02) but MS still quarantined it.
>
> Is there something wrong with MS' virus detection with Bitdefender?
>
> Denis
>
Some log information:
May 31 11:28:36 smtpe2 sendmail[12101]: j4VFSYb7012101: 
from=<questions at cheapnfltickets.com>, size=25281, class=0, nrcpts=1, 
msgid=<pawpouljezuwqpmljyc at usherbrooke.ca>, proto=SMTP, daemon=MTA, 
relay=host18-9.pool80207.interbusiness.it [80.207.9.18]
May 31 11:28:36 smtpe2 sendmail[12101]: j4VFSYb7012101: to=<...>, 
delay=00:00:01, mailer=relay, pri=55281, stat=queued
May 31 11:28:40 smtpe2 MailScanner[8358]: 
/var/spool/MailScanner/incoming/8358/./j4VFSYb7012101/20_04_2005.exe  
infected: Win32.Bagle.BO at mm
May 31 11:28:40 smtpe2 MailScanner[8358]: 
/var/spool/MailScanner/incoming/8358/./j4VFSYb7012101/5.zip=>20_04_2005.exe   
infected: Win32.Bagle.BO at mm
May 31 11:28:40 smtpe2 MailScanner[8358]: Infected message 
j4VFSYb7012101 came from 80.207.9.18
May 31 11:28:40 smtpe2 MailScanner[8358]: Filename Checks: Fichiers EXE 
dangereux (j4VFSYb7012101 20_04_2005.exe)
May 31 11:28:40 smtpe2 MailScanner[8358]: Saved entire message to 
/quarantaine/usherbrooke/20050531/j4VFSYb7012101
May 31 11:28:40 smtpe2 MailScanner[8358]: Saved infected 
"20_04_2005.exe" to /quarantaine/usherbrooke/20050531/j4VFSYb7012101
May 31 11:28:40 smtpe2 MailScanner[8358]: Saved infected "5.zip" to 
/quarantaine/usherbrooke/20050531/j4VFSYb7012101
May 31 11:28:41 smtpe2 sendmail[12174]: j4VFSYb7012101: to=<...>, 
delay=00:00:06, xdelay=00:00:00, mailer=relay, pri=145281, 
relay=courriel.usherbrooke.ca. [132.210.244.161], dsn=2.0.0, stat=Sent 
(j4VFSf105362 Message accepted for delivery)

Denis

-- 
   _
  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x2252 F: 819.821.8045



------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

    [ Part 2, "S/MIME Cryptographic Signature"  ]
    [ Application/X-PKCS7-SIGNATURE  4.4KB. ]
    [ Unable to print this part. ]

More information about the MailScanner mailing list