bitdefender

jeroen techgeeks at tomaatman.org
Mon Feb 9 12:40:52 GMT 2009


Glenn Steen schreef:
> 2009/2/9 jeroen <techgeeks at tomaatman.org>:
>   
>> I'm using MailScanner with BitDefender Antivirus Scanner for Unices
>> v7.90123.
>> To get scanning working I had to edit the path in virus.scanners.conf to
>> /opt/BitDefender-scanner/bin. After that is seems to work, the message gets
>> scanned and the EICAR test virus gets detected, but the infected mail
>> somehow isn't moved to the quarantine.
>> I also tested it with ClamAV and this works well.
>>
>> Feb 9 02:40:16 pino MailScanner[16457]: New Batch: Scanning 1 messages, 2176
>> bytes
>> Feb 9 02:40:18 pino MailScanner[16457]: Virus and Content Scanning: Starting
>> Feb 9 02:40:22 pino MailScanner[16457]:
>> /var/spool/MailScanner/incoming/16457/1670912E1BD.2CEAC/msg-16457-1.txt:infected:
>> EICAR-Test-File (not a virus)
>> Feb 9 02:40:22 pino MailScanner[16457]: Virus Scanning: Bitdefender found 1
>> infections
>> Feb 9 02:40:22 pino MailScanner[16457]: Virus Scanning: Found 1 viruses
>> Feb 9 02:40:22 pino MailScanner[16457]: Requeue: 1670912E1BD.2CEAC to
>> 9402712E1BE
>> Feb 9 02:40:22 pino postfix/qmgr[5178]: 9402712E1BE:
>> from=&lt;xxxx at xxxxx.org&gt;, size=1481, nrcpt=1 (queue active)
>> Feb 9 02:40:22 pino MailScanner[16457]: Uninfected: Delivered 1 messages
>> Feb 9 02:40:22 pino MailScanner[16457]: Logging message 1670912E1BD.2CEAC to
>> SQL
>> Feb 9 02:40:22 pino postfix/local[16677]: 9402712E1BE:
>> to=&lt;xxxx at xxxx.org&gt;, relay=local, delay=7.5, delays=7.5/0.02/0/0.02,
>> dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
>> Feb 9 02:40:22 pino postfix/qmgr[5178]: 9402712E1BE: removed
>>
>> Any thoughts on this?
>>
>> /jeroen
>>     
>
> That is the "not so free" version of BDC, so ... that it needed
> amending in the virus.scanners.conf isn't surprising:-).
> What version of MailScanner are you using? ISTR some similar troubles
> a while back (for some AV scanners), that might've been fixed in a
> newer release.
>
> If you are fairly current (like the latest stable), you could always
> send a fully licensed version of it to Jules, so that he can fix any
> outstanding problems.
>
> Cheers
>   
Thank you for your answer Glenn. That version of BDC is free for non 
commercial use.
I'm using MailScanner version 4.71.10.
Strange thing is that Mailscanner first recognizes it as a virus message 
and later on says it's uninfected.

/jeroen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090209/d09c9105/attachment.html


More information about the MailScanner mailing list