BitDefender and f-prot
Rick Cooper
rcooper at dwford.com
Tue Jun 5 18:52:59 IST 2007
I noticed something odd while testing the clamd stuff that has me pulling my
hair out.
Bitdefender is not finding any eicar infections and f-prot only finds
infected .zips not .rar. I will find the infected file in a rar since
MailScanner unrars them. Both scanners work perfectly when called from the
command line and when the wrapper is called from the command line. If I log
the incoming lines the parser sees f-prot doesn't seem to even see the rar
file and bitdefender scans everything but shows OK. To make it worse even
though f-prot sees the infected file that was in the rar file MailScanner
passes the rar back uninfected because it never ends up in {parts}.
Thinking it was a permissions problem I tried executing the wrapper as the
mail user and it works perfectly, tried running MailScanner as root and had
the same problem. I have no idea how long this could have been a problem
because exim catches the viruses at the door, and all three scanners find
the viruses when exim is in control.
Anyone have a clue where to look next?
Rick Cooper
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list