virus detection reporting wrong scanner

Paul Hutchings paul.hutchings at mira.co.uk
Tue Sep 2 17:39:42 IST 2008 

Interestingly (or not) it seems that reports are saying when infections
are detected by avg, but still nothing on vba32 despite maillog saying
that clamd, vba32 and avg detected infections.

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jeff
Mills
Sent: 01 September 2008 23:33
To: MailScanner discussion
Subject: RE: virus detection reporting wrong scanner

 

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Paul Hutchings
> Sent: Monday, 1 September 2008 11:03 PM
> To: MailScanner discussion
> Subject: RE: virus detection reporting wrong scanner
> 
> The lint seems to check out just fine.  Maybe my 
> understanding is wrong, but I thought that if multiple 
> engines caught a virus in a message it listed that multiple 
> engines had detected something in the report that's sent to 
> postmaster (or wherever) - all I know is I have an entry in 
> maillog by vba32 saying it detected a virus, at the same time 
> an email was deleted and a report sent to postmaster saying 
> it was because clam32 had detected a virus - yet there's no 
> report in the postmaster mailbox that mentions vba32.
> 

I have a similar issue, but have never bothered with it.
Clamav finds a virus, and MailScanner reports that F-Prot and
Bitdefender find it too.


Sep  2 03:16:53 sam MailScanner[8070]: Clamd::INFECTED::
Email.Spam.Gen3737.Sanesecurity.08072802.StormSpam FOUND ::
./8C34AD3E132.E90B8/
Sep  2 03:16:53 sam MailScanner[8070]: Virus Scanning: Clamd found 1
infections
Sep  2 03:16:53 sam MailScanner[8070]: Virus Scanning: F-Prot found 1
infections
Sep  2 03:16:53 sam MailScanner[8070]: Virus Scanning: Bitdefender found
1 infections
Sep  2 03:16:53 sam MailScanner[8070]: Infected message
8C34AD3E132.E90B8 came from 88.243.8.69
Sep  2 03:16:53 sam MailScanner[8070]: Virus Scanning: Found 1 viruses
Sep  2 03:16:53 sam MailScanner[8070]: Virus Scanning completed at 3371
bytes per second
Sep  2 03:16:53 sam MailScanner[8070]: Viruses marked as silent: Clamd:
message was infected:
-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 

-- 
MIRA Ltd

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England.

Registered in England and Wales No. 402570
VAT Registration  GB 114 5409 96

The contents of this e-mail are confidential and are solely for the use of the intended recipient.
If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax.
You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited.

More information about the MailScanner mailing list