MailScanner, ClamAV, and Sanesecurity
Ryan Weaver
ryanw at falsehope.com
Thu Jun 7 18:17:08 IST 2007
I've started using the Sanesecurity signatures that have been mentioned on
the list. I also use Vispan for its reporting and blocking features.
The problem I have run into is that in the maillog, when the Sanesecurity
signatures are matched the following is the output:
Jun 7 12:07:30 c01 MailScanner[7634]: Infected message
l57H05nK007460.header came from
Jun 7 12:07:30 c01 MailScanner[7634]: Infected message
l57H19sG007620.header came from
I'm glad that it's be caught and rejected, but Vispan reports no IP found
and block these sources.
Has anyone else run into this issue?
Running:
centos-release-4-4.3
mailscanner-4.60.8-1
spamassassin-3.2.0-1.el4.rf
clamav-0.90.3-1.el4.rf
Thanks,
Ryan
More information about the MailScanner
mailing list