Error with EMTPY_MESSAGE
Glenn Steen
glenn.steen at gmail.com
Sat Sep 13 15:42:23 IST 2008
2008/9/13 Hugo van der Kooij <hvdkooij at vanderkooij.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hugo van der Kooij wrote:
>> Hi,
>>
>> It seems to me that SA is flagging just about any message as EMPTY_MESSAGE.
>>
>> Is anyone else seeing this too?
>
> I just had quite a bit of a discussion about malware that just walks
> past MailScanner with multiple AV scanners active.
>
> It seems that it might be related to postfix. Where MailScanner is
> trying to decode postfix queue files but not doing the right thing.
>
> My result on 3 sample queue files was 0% through MailScanner. But
> decoding them with postcat allowed me to hit 100% of the files.
>
> So the issue may require all postfix users to look very carefully into
> their messages and the ability to scan them properly.
>
> Hugo.
>
Can I get a sample, please? Send it off-list.
Do you do milters? Which milters? Version of postfix?
Cheers
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner
mailing list