MailScanner: Could not analyze message
Martin Hepworth
maxsec at gmail.com
Fri Jun 26 18:02:26 IST 2009
2009/6/26 Hafiz <hafiz at variegate.biz>:
> Hi List,
>
> My customers system as attached (System Info.txt)
> CentOS 5.3 x86
> MailScanner 4.77.10
> MailWatch 1.0.4
> Postfix 2.3.3
> ClamAV 0.95.1/9507/Fri Jun 26 09:52:45 2009
> Scalix 11.4.3-GA
>
> My customers are complaining that some of the e-mails received especially
> from 1 particular domain will have this error message:
> MailScanner: Could not analyze message
>
> As a result, the mail is quarantined and notification is sent to the sender.
>
> A google search found some historical posts that this issue might be caused
> by MIME-tools and on older version of MailScanner.
> I examine the quarantined message and basically its just a HTML format mail
> that contains lots of HTML tags inside it.
>
> Any advise and suggestion is appreciated.
>
> --
> Thanks.
>
> Mohd Hafiz Ramly
> Senior Consultant
> Variegate Systems Sdn Bhd
> Tel : +60 4 2298808
> Fax : +60 4 2295006
> Mobile : +6 013 4812676
> Web : http://www.variegate.biz
>
>
> Running on
> Linux XXXXXXXXX 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:39:21 EDT 2009 i686
> i686 i386 GNU/Linux
> This is CentOS release 5.3 (Final)
> This is Perl version 5.008008 (5.8.8)
>
> This is MailScanner version 4.77.10
> Module versions are:
> 1.00 AnyDBM_File
> 1.16 Archive::Zip
> 0.23 bignum
> 1.04 Carp
> 1.42 Compress::Zlib
> 1.119 Convert::BinHex
> 0.17 Convert::TNEF
> 2.121_08 Data::Dumper
> 2.27 Date::Parse
> 1.00 DirHandle
> 1.05 Fcntl
> 2.74 File::Basename
> 2.09 File::Copy
> 2.01 FileHandle
> 1.08 File::Path
> 0.20 File::Temp
> 0.90 Filesys::Df
> 1.35 HTML::Entities
> 3.56 HTML::Parser
> 2.37 HTML::TokeParser
> 1.23 IO
> 1.14 IO::File
> 1.13 IO::Pipe
> 2.04 Mail::Header
> 1.89 Math::BigInt
> 0.22 Math::BigRat
> 3.07 MIME::Base64
> 5.427 MIME::Decoder
> 5.427 MIME::Decoder::UU
> 5.427 MIME::Head
> 5.427 MIME::Parser
> 3.07 MIME::QuotedPrint
> 5.427 MIME::Tools
> 0.13 Net::CIDR
> 1.25 Net::IP
> 0.16 OLE::Storage_Lite
> 1.04 Pod::Escapes
> 3.05 Pod::Simple
> 1.09 POSIX
> 1.19 Scalar::Util
> 1.78 Socket
> 2.16 Storable
> 1.4 Sys::Hostname::Long
> 0.27 Sys::Syslog
> 1.26 Test::Pod
> 0.86 Test::Simple
> 1.9715 Time::HiRes
> 1.02 Time::localtime
>
> Optional module versions are:
> 1.30 Archive::Tar
> 0.23 bignum
> 2.03 Business::ISBN
> 1.17 Business::ISBN::Data
> 1.08 Data::Dump
> 1.814 DB_File
> 1.25 DBD::SQLite
> 1.607 DBI
> 1.14 Digest
> 1.01 Digest::HMAC
> 2.36 Digest::MD5
> 2.11 Digest::SHA1
> 1.01 Encode::Detect
> 0.17015 Error
> 0.23 ExtUtils::CBuilder
> 2.19 ExtUtils::ParseXS
> 2.38 Getopt::Long
> 0.44 Inline
> 1.08 IO::String
> 1.04 IO::Zlib
> 2.25 IP::Country
> missing Mail::ClamAV
> 3.002005 Mail::SpamAssassin
> v2.005 Mail::SPF
> 1.999001 Mail::SPF::Query
> 0.2808 Module::Build
> 0.20 Net::CIDR::Lite
> 0.65 Net::DNS
> v0.003 Net::DNS::Resolver::Programmable
> 0.33 Net::LDAP
> 4.007 NetAddr::IP
> 1.94 Parse::RecDescent
> missing SAVI
> 2.64 Test::Harness
> 1.22 Test::Manifest
> 1.95 Text::Balanced
> 1.35 URI
> 0.76 version
> 0.66 YAML
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
is the html acutally valid - in the past this has also been due to
incorrect html. (btw 'bouncing' messages to the sender is a bad idea
as spam and virus email usually fakes the from anyway).
--
Martin Hepworth
Oxford, UK
More information about the MailScanner
mailing list