Release 4.50.9 : Re: Worm.VB-8 not detected by filename or filetype

Julian Field MailScanner at
Wed Jan 18 17:40:37 GMT 2006

Dhawal Doshy wrote:
> Dhawal Doshy wrote:
>> Dhawal Doshy wrote:
>>> Julian Field wrote:
>>>> I have just released 4.50.9 which will decode the UU-encoded file  
>>>> attached to these messages, so that the virus scanners should all  
>>>> catch it, filename traps will work on the .scr file inside the 
>>>> .bhx  file, filetype traps will work on it too.
>>> Just successfully upgraded a couple of production servers..
>> I notice this in the logs..
>> Jan 18 20:54:00 mx1 MailScanner[13545]: Infected message 
>> 73CEF28ABDE.D9736 came from
>> The IP address is blank :-(, i'll try and run this through the debug 
>> sometime later.
> The debug mode didn't tell me anything (apart from the EOCD thingy).. 
> how do i track this problem?
> Jan 18 22:40:53 mx2 MailScanner[21952]: Infected message 
> 77CE7288647.0EFC0 came from <== this is blank
> However the same thing works fine for spam 
Could the message have been generated on the server? If it is generated 
by invoking postfix (via the sendmail soft-link) directly, then there 
won't be any client IP as there was never an SMTP transaction.

Julian Field
Buy the MailScanner book at
Professional Support Services at
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list