possible corrupt sanesecurity defs

Julian Field MailScanner at ecs.soton.ac.uk
Wed Feb 20 18:28:49 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Chris Yuzik wrote:
> Chris Yuzik wrote:
>> Our server downloaded what I believe to be either a corrupt 
>> sanesecurity definition file or a valid file with a false-positive. 
>> In any case, hundreds of messages were incorrectly tagged as 
>> infected. Not a good day.
>>
>> How do I go about releasing these?
>>
>> And how can we prevent this from happening in the future?
>>
>> Any help would be much appreciated.
> I suppose I should point out that it hit on the rule 
> "Email.Hdr.Sanesecurity.07021900"
>
>
What MTA are you using? Do you quarantine viruses at all? Do you 
quarantine them as Raw Queue Files? All of this lot are in your 
MailScanner.conf file.

Jules

- -- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.0 (Build 2158)
Comment: Use Thunderbird Enigmail to verify this message
Charset: ISO-8859-1

wj8DBQFHvHFrEfZZRxQVtlQRArX7AKCgUl3Mr1Udy1226jhGVUkt1IP7QgCfQZqb
znH6KxhHWD4e4di5VsCQJGI=
=mlGj
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list