A cautionary tale of Sophos and MS
MailScanner at ecs.soton.ac.uk
Mon Feb 6 11:40:06 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
On 6 Feb 2006, at 11:22, Peter Bates wrote:
> Hello all...
> I arrived in this morning to assorted clamouring about
> a lack of external email.
> Looking closer, I could see that after the autoupdate of Sophos
> on Saturday night just after midnight, the version was 'out of date'
> so started throwing:
> Feb 4 00:08:03 postbox MailScanner: SophosSAVI::ERROR:: The
> main body of virus data is out of date (542)::
> End result was all our external (in/out) email over the weekend has
> disappeared into the great bitbucket in the sky as this was then
> as a 'Silent virus' and not quarantined.
> Entirely my fault for not updating Sophos for a couple of months, but
> might be something worth considering to include in 'Allowed Sophos
> Messages' if you're a Sophos user... that or still quarantine silent
> viruses and clear the quarantine out from time to time.
Eek! Sorry that happened. I have added that text to the list I supply
in the sample line just above the real line.
Do you think I should make the default setting this:
Allowed Sophos Error Messages = "corrupt", "format not supported",
"File was encrypted", "The main body of virus data is out of date"
Any there that shouldn't be there by default?
Your thoughts please...
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.4 (Build 4042)
-----END PGP SIGNATURE-----
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner