glenn.steen at gmail.com
Mon Feb 9 19:22:58 GMT 2009
2009/2/9 jeroen <techgeeks at tomaatman.org>:
> Glenn Steen schreef:
>> 2009/2/9 jeroen <techgeeks at tomaatman.org>:
>>> I'm using MailScanner with BitDefender Antivirus Scanner for Unices
>>> To get scanning working I had to edit the path in virus.scanners.conf to
>>> /opt/BitDefender-scanner/bin. After that is seems to work, the message
>>> scanned and the EICAR test virus gets detected, but the infected mail
>>> somehow isn't moved to the quarantine.
>>> I also tested it with ClamAV and this works well.
>>> Feb 9 02:40:16 pino MailScanner: New Batch: Scanning 1 messages,
>>> Feb 9 02:40:18 pino MailScanner: Virus and Content Scanning:
>>> Feb 9 02:40:22 pino MailScanner:
>>> EICAR-Test-File (not a virus)
>>> Feb 9 02:40:22 pino MailScanner: Virus Scanning: Bitdefender found
>>> Feb 9 02:40:22 pino MailScanner: Virus Scanning: Found 1 viruses
>>> Feb 9 02:40:22 pino MailScanner: Requeue: 1670912E1BD.2CEAC to
>>> Feb 9 02:40:22 pino postfix/qmgr: 9402712E1BE:
>>> from=<xxxx at xxxxx.org>, size=1481, nrcpt=1 (queue active)
>>> Feb 9 02:40:22 pino MailScanner: Uninfected: Delivered 1 messages
>>> Feb 9 02:40:22 pino MailScanner: Logging message 1670912E1BD.2CEAC
>>> Feb 9 02:40:22 pino postfix/local: 9402712E1BE:
>>> to=<xxxx at xxxx.org>, relay=local, delay=7.5, delays=7.5/0.02/0/0.02,
>>> dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
>>> Feb 9 02:40:22 pino postfix/qmgr: 9402712E1BE: removed
>>> Any thoughts on this?
>> That is the "not so free" version of BDC, so ... that it needed
>> amending in the virus.scanners.conf isn't surprising:-).
>> What version of MailScanner are you using? ISTR some similar troubles
>> a while back (for some AV scanners), that might've been fixed in a
>> newer release.
>> If you are fairly current (like the latest stable), you could always
>> send a fully licensed version of it to Jules, so that he can fix any
>> outstanding problems.
> Thank you for your answer Glenn. That version of BDC is free for non
> commercial use.
Yes... not as free as it used to be:-/
> I'm using MailScanner version 4.71.10.
Not that new then.
> Strange thing is that Mailscanner first recognizes it as a virus message and
> later on says it's uninfected.
Yeah. If my fairly flawed recollections are anything to go by, that
was just the behavior.
Try an upgrade... it's pretty quick and easy:-).
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner