bitdefender

Julian Field MailScanner at ecs.soton.ac.uk
Tue Feb 10 19:07:47 GMT 2009 


On 9/2/09 17:52, jeroen wrote:
> Glenn Steen schreef:
>> 2009/2/9 jeroen <techgeeks at tomaatman.org>:
>>> I'm using MailScanner with BitDefender Antivirus Scanner for Unices
>>> v7.90123.
>>> To get scanning working I had to edit the path in 
>>> virus.scanners.conf to
>>> /opt/BitDefender-scanner/bin. After that is seems to work, the 
>>> message gets
>>> scanned and the EICAR test virus gets detected, but the infected mail
>>> somehow isn't moved to the quarantine.
>>> I also tested it with ClamAV and this works well.
>>>
>>> Feb 9 02:40:16 pino MailScanner[16457]: New Batch: Scanning 1 
>>> messages, 2176
>>> bytes
>>> Feb 9 02:40:18 pino MailScanner[16457]: Virus and Content Scanning: 
>>> Starting
>>> Feb 9 02:40:22 pino MailScanner[16457]:
>>> /var/spool/MailScanner/incoming/16457/1670912E1BD.2CEAC/msg-16457-1.txt:infected: 
>>>
>>> EICAR-Test-File (not a virus)
>>> Feb 9 02:40:22 pino MailScanner[16457]: Virus Scanning: Bitdefender 
>>> found 1
>>> infections
>>> Feb 9 02:40:22 pino MailScanner[16457]: Virus Scanning: Found 1 viruses
>>> Feb 9 02:40:22 pino MailScanner[16457]: Requeue: 1670912E1BD.2CEAC to
>>> 9402712E1BE
>>> Feb 9 02:40:22 pino postfix/qmgr[5178]: 9402712E1BE:
>>> from=&lt;xxxx at xxxxx.org&gt;, size=1481, nrcpt=1 (queue active)
>>> Feb 9 02:40:22 pino MailScanner[16457]: Uninfected: Delivered 1 
>>> messages
>>> Feb 9 02:40:22 pino MailScanner[16457]: Logging message 
>>> 1670912E1BD.2CEAC to
>>> SQL
>>> Feb 9 02:40:22 pino postfix/local[16677]: 9402712E1BE:
>>> to=&lt;xxxx at xxxx.org&gt;, relay=local, delay=7.5, 
>>> delays=7.5/0.02/0/0.02,
>>> dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
>>> Feb 9 02:40:22 pino postfix/qmgr[5178]: 9402712E1BE: removed
>>>
>>> Any thoughts on this?
>>>
>>> /jeroen
>>
>> That is the "not so free" version of BDC, so ... that it needed
>> amending in the virus.scanners.conf isn't surprising:-).
>> What version of MailScanner are you using? ISTR some similar troubles
>> a while back (for some AV scanners), that might've been fixed in a
>> newer release.
>>
>> If you are fairly current (like the latest stable), you could always
>> send a fully licensed version of it to Jules, so that he can fix any
>> outstanding problems.
>>
>> Cheers
> Thank you for your answer Glenn. That version of BDC is free for non 
> commercial use.
> I'm using MailScanner version 4.71.10.
> Strange thing is that Mailscanner first recognizes it as a virus 
> message and later on says it's uninfected.
In which case, please send me a fully-licensed copy of your version of 
Bitdefender to work from. I guarantee it will only be used for 
MailScanner development and will never leave my grasp. I've got a 
reputation to maintain!

Please send it to mailscanner at ecs.soton.ac.uk. Preferably, please put it 
on an http site with no links to it (so it can't be found by web 
crawlers or Google) and send me the URL.

Then I'll be able to fix your problem.

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list