MailScanner at ecs.soton.ac.uk
Tue Feb 10 19:07:47 GMT 2009
On 9/2/09 17:52, jeroen wrote:
> Glenn Steen schreef:
>> 2009/2/9 jeroen <techgeeks at tomaatman.org>:
>>> I'm using MailScanner with BitDefender Antivirus Scanner for Unices
>>> To get scanning working I had to edit the path in
>>> virus.scanners.conf to
>>> /opt/BitDefender-scanner/bin. After that is seems to work, the
>>> message gets
>>> scanned and the EICAR test virus gets detected, but the infected mail
>>> somehow isn't moved to the quarantine.
>>> I also tested it with ClamAV and this works well.
>>> Feb 9 02:40:16 pino MailScanner: New Batch: Scanning 1
>>> messages, 2176
>>> Feb 9 02:40:18 pino MailScanner: Virus and Content Scanning:
>>> Feb 9 02:40:22 pino MailScanner:
>>> EICAR-Test-File (not a virus)
>>> Feb 9 02:40:22 pino MailScanner: Virus Scanning: Bitdefender
>>> found 1
>>> Feb 9 02:40:22 pino MailScanner: Virus Scanning: Found 1 viruses
>>> Feb 9 02:40:22 pino MailScanner: Requeue: 1670912E1BD.2CEAC to
>>> Feb 9 02:40:22 pino postfix/qmgr: 9402712E1BE:
>>> from=<xxxx at xxxxx.org>, size=1481, nrcpt=1 (queue active)
>>> Feb 9 02:40:22 pino MailScanner: Uninfected: Delivered 1
>>> Feb 9 02:40:22 pino MailScanner: Logging message
>>> 1670912E1BD.2CEAC to
>>> Feb 9 02:40:22 pino postfix/local: 9402712E1BE:
>>> to=<xxxx at xxxx.org>, relay=local, delay=7.5,
>>> dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
>>> Feb 9 02:40:22 pino postfix/qmgr: 9402712E1BE: removed
>>> Any thoughts on this?
>> That is the "not so free" version of BDC, so ... that it needed
>> amending in the virus.scanners.conf isn't surprising:-).
>> What version of MailScanner are you using? ISTR some similar troubles
>> a while back (for some AV scanners), that might've been fixed in a
>> newer release.
>> If you are fairly current (like the latest stable), you could always
>> send a fully licensed version of it to Jules, so that he can fix any
>> outstanding problems.
> Thank you for your answer Glenn. That version of BDC is free for non
> commercial use.
> I'm using MailScanner version 4.71.10.
> Strange thing is that Mailscanner first recognizes it as a virus
> message and later on says it's uninfected.
In which case, please send me a fully-licensed copy of your version of
Bitdefender to work from. I guarantee it will only be used for
MailScanner development and will never leave my grasp. I've got a
reputation to maintain!
Please send it to mailscanner at ecs.soton.ac.uk. Preferably, please put it
on an http site with no links to it (so it can't be found by web
crawlers or Google) and send me the URL.
Then I'll be able to fix your problem.
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner