Virus scanning / Upgrade to version 4.45
R.A.Gardener at SHU.AC.UK
Tue Sep 6 12:10:32 IST 2005
thanks for your response and apologies for the delay in getting back to
I don't think that there is anything wrong with MailScanner in detecting
eicar; but I do think
that I may have configured the software wrongly and I want turn up the
vevels to pinpoint the problem.
The logs say
Sep 6 11:10:03 sequoia MailScanner: Spam Checks: Starting
Sep 6 11:10:03 sequoia MailScanner: Virus and Content Scanning:
Sep 6 11:10:03 sequoia MailScanner: Uninfected: Delivered 1
Sep 6 11:10:11 sequoia MailScanner: New Batch: Scanning 1
Note the pseudo-virus in the mail (eicar) is detected by the antivirus
solution on the
destination Exchange server.
Sheffield Hallam University
0114 225 4926
On Fri, 2 Sep 2005, Julian Field wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Do the logs say it has been cleaned and delivered? Or do they say it
> has been delivered as uninfected?
> I have just done a quick sanity test on a new box I have just built
> with 4.54 on it and it works fine with Sophos, ClamAV and F-Prot on
> it. All of them detect what I expect them to.
> On 2 Sep 2005, at 12:57, Ray Gardener wrote:
>> This morning I upgraded to version 4.45 on a Solaris 9 machine. I
>> tested the upgrade with a message carrying a eicar ladened
>> attachment. The upgraded installation has not picked this test
>> virus up. There is no urgent issue as this is just one of several
>> hubs and the others are working. However I need to have this
>> machine back in line, fairly soon.
>> The mailscanner logs which are going to /var/log/syslog don't show
>> a problem and claim that mail is being virus scanned; my scanner
>> type is set to sophos. Is there a way that I can configure
>> syslogging to show wht underlying processes are being called in
>> more detail?
>> I have not tested the anti-spam scanning and I have no alternative
>> anti-virus engines on the machine to see whether this issue is
>> specific to sophos. (Note that the scanning did work before the
> - --
> Julian Field
> Buy the MailScanner book at www.MailScanner.info/store
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.0.2 (Build 2425)
> -----END PGP SIGNATURE-----
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
> Support MailScanner development - buy the book off the website!
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner