possible corrupt sanesecurity defs
Julian Field
MailScanner at ecs.soton.ac.uk
Wed Feb 20 18:28:49 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chris Yuzik wrote:
> Chris Yuzik wrote:
>> Our server downloaded what I believe to be either a corrupt
>> sanesecurity definition file or a valid file with a false-positive.
>> In any case, hundreds of messages were incorrectly tagged as
>> infected. Not a good day.
>>
>> How do I go about releasing these?
>>
>> And how can we prevent this from happening in the future?
>>
>> Any help would be much appreciated.
> I suppose I should point out that it hit on the rule
> "Email.Hdr.Sanesecurity.07021900"
>
>
What MTA are you using? Do you quarantine viruses at all? Do you
quarantine them as Raw Queue Files? All of this lot are in your
MailScanner.conf file.
Jules
- --
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.0 (Build 2158)
Comment: Use Thunderbird Enigmail to verify this message
Charset: ISO-8859-1
wj8DBQFHvHFrEfZZRxQVtlQRArX7AKCgUl3Mr1Udy1226jhGVUkt1IP7QgCfQZqb
znH6KxhHWD4e4di5VsCQJGI=
=mlGj
-----END PGP SIGNATURE-----
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list