Error with EMTPY_MESSAGE
Glenn Steen
glenn.steen at gmail.com
Sat Sep 13 16:47:20 IST 2008
2008/9/13 Alex Broens <ms-list at alexb.ch>:
> On 9/13/2008 4:42 PM, Glenn Steen wrote:
>>
>> 2008/9/13 Hugo van der Kooij <hvdkooij at vanderkooij.org>:
>>>
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Hugo van der Kooij wrote:
>>>>
>>>> Hi,
>>>>
>>>> It seems to me that SA is flagging just about any message as
>>>> EMPTY_MESSAGE.
>>>>
>>>> Is anyone else seeing this too?
>>>
>>> I just had quite a bit of a discussion about malware that just walks
>>> past MailScanner with multiple AV scanners active.
>>>
>>> It seems that it might be related to postfix. Where MailScanner is
>>> trying to decode postfix queue files but not doing the right thing.
>>>
>>> My result on 3 sample queue files was 0% through MailScanner. But
>>> decoding them with postcat allowed me to hit 100% of the files.
>>>
>>> So the issue may require all postfix users to look very carefully into
>>> their messages and the ability to scan them properly.
>>>
>>> Hugo.
>>>
>> Can I get a sample, please? Send it off-list.
>> Do you do milters? Which milters? Version of postfix?
>
> Glenn, I see this on Postfix 2.5.2
> Snertsoft milter-link rejecting, no tagging, etc, so no modifying of the
> msg.
>
> If Hugo hasn't sent the samples, let me know.
>
> Alex
>
Thanks Alex (and Jules), I'll have a look ASAP!
Cheers
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner
mailing list