BitDefender and f-prot

Rick Cooper rcooper at
Tue Jun 5 18:52:59 IST 2007

I noticed something odd while testing the clamd stuff that has me pulling my
hair out.

Bitdefender is not finding any eicar infections and f-prot only finds
infected .zips not .rar. I will find the infected file in a rar since
MailScanner unrars them. Both scanners work perfectly when called from the
command line and when the wrapper is called from the command line. If I log
the incoming lines the parser sees f-prot doesn't seem to even see the rar
file and bitdefender scans everything but shows OK. To make it worse even
though f-prot sees the infected file that was in the rar file MailScanner
passes the rar back uninfected because it never ends up in {parts}.

Thinking it was a permissions problem I tried executing the wrapper as the
mail user and it works perfectly, tried running MailScanner as root and had
the same problem. I have no idea how long this could have been a problem
because exim catches the viruses at the door, and all three scanners find
the viruses when exim is in control.

Anyone have a clue where to look next? 

Rick Cooper

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list