Error with EMTPY_MESSAGE
Alex Broens
ms-list at alexb.ch
Sat Sep 13 15:52:16 IST 2008
On 9/13/2008 4:42 PM, Glenn Steen wrote:
> 2008/9/13 Hugo van der Kooij <hvdkooij at vanderkooij.org>:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hugo van der Kooij wrote:
>>> Hi,
>>>
>>> It seems to me that SA is flagging just about any message as EMPTY_MESSAGE.
>>>
>>> Is anyone else seeing this too?
>> I just had quite a bit of a discussion about malware that just walks
>> past MailScanner with multiple AV scanners active.
>>
>> It seems that it might be related to postfix. Where MailScanner is
>> trying to decode postfix queue files but not doing the right thing.
>>
>> My result on 3 sample queue files was 0% through MailScanner. But
>> decoding them with postcat allowed me to hit 100% of the files.
>>
>> So the issue may require all postfix users to look very carefully into
>> their messages and the ability to scan them properly.
>>
>> Hugo.
>>
> Can I get a sample, please? Send it off-list.
> Do you do milters? Which milters? Version of postfix?
Glenn, I see this on Postfix 2.5.2
Snertsoft milter-link rejecting, no tagging, etc, so no modifying of the
msg.
If Hugo hasn't sent the samples, let me know.
Alex
More information about the MailScanner
mailing list