Infected message Requeued
Gareth
list-mailscanner at linguaphone.com
Thu Jul 10 10:42:16 IST 2008
Dont use the debian stable version of Mailscanner it is not kept up to
date and version 4.55 is very old and may not work with with some latter
postfix and perl module versions.
On Thu, 2008-07-10 at 10:28, topper at libero.it wrote:
> Hello,
>
> I have a trouble using SaneSecurity signature for Phishing and Scam.
>
> My installation is Debian Etch with:
>
> Postfix 2.3.8-2+b1
> Clamav 0.93.1.dfsg-volatile1
> MailScanner 4.55.10-3 (from Debian Stable) and MailScanner MailScanner-4.70.7-
> 1 from tar.gz.
>
> This is the trouble:
>
> Jul 10 11:23:23 mx1 postfix/smtpd[22669]: 478BC4C245: client=unknown[x.x.x.
> x]
> Jul 10 11:23:29 mx1 postfix/cleanup[23212]: 478BC4C245: hold: header
> Received: from [x.x.x.x] (unknown [x.x.x.x])??by mx6.xxx.xx (Postfix) with
> ESMTP id 478BC4C245??for <com at xx.it>; Thu, 10 Jul 2008 11:22:39 +0200 (CEST)
> from unknown[x.x.x.x]; from=<Dunning-updm at FA-WHV.NIEDERSACHSEN.DE> to=<com at xx.
> it> proto=ESMTP helo=<x.x.x.x]>
> Jul 10 11:23:29 mx1 postfix/cleanup[23212]: 478BC4C245: message-id=<21CD3BE3.
> 51%Dunning-updm at FA-WHV.NIEDERSACHSEN.DE>
> Jul 10 11:23:36 mx1 MailScanner[22482]:
> /var/spool/MailScanner/incoming/22482/./478BC4C245.36DF1.message: Email.Spam.
> Gen2986.Sanesecurity.08041408 FOUND
> Jul 10 11:23:36 mx1 MailScanner[22482]: Infected message 478BC4C245.36DF1.
> message came from
> Jul 10 11:23:37 mx1 MailScanner[22482]: Requeue: 478BC4C245.36DF1 to
> C207D4C264
>
> As you can see the message is recognized as infected, but MailScanner Requeue
> the message. This occur only when is recognized infected with the Sanesecurity
> signature. When the message in recognized infected by a virus it is quarantined
> and not delivered as expected.
>
> The same thing occurs with del default package of MailScanner in Debian
> Stable and with the latest stable versione fro tar.gz.
More information about the MailScanner
mailing list