mailscanner-mrtg giving low virus results with new install
Julian Field
MailScanner at ecs.soton.ac.uk
Wed Mar 18 12:27:17 GMT 2009
On 18/3/09 09:54, Gregory Machin wrote:
>
> Hi
>
> I have setup a new mail scanner using the latest “Version 4.74.16-1
> for RedHat, Fedora and Mandrake Linux (and other RPM-based Linux
> distributions)” and “ClamAV 0.94.2 and SpamAssassin 3.2.5
> installation package.” . All seem to be well no errors in the log
> files. But when comparing the number of viruses found on the new
> server, compared to that on the old servers Also running MailScanner
> (updated to the latest version) and an older version Clamav. There is
> a big difference in the results on mailscanner-mrtg. The old server
> found 250 viruses yesterday where as the new one only 9 .. and the
> trend is the same today. The virus scans are being logged for the
> mails and coming back uninfected. Updates are up to date.
>
> Thus my question is
>
> 1) How do I test MailScanner and all it’s features to check it’s
> working correctly ?
>
Start by doing a "MailScanner --lint".
Then start sending test messages through the system infected with the
"Eicar" test pattern (it's not a virus, but it will be detected by the
virus scanners). Watch what you see in your maillog.
> 2) Is the mailscanner-mrtg compatible with the current release of
> MailScanner and the bundled Clamav-SA packages ?
>
It's only a watcher, so it won't actually affect the success or
otherwise of your MailScanner installation. Far better to look at the logs.
>
> 3) Are the old servers giving false positives because of the old
> clamav installs (clamd –V 0.94.1/9127/Wed Mar 18 06:30:26 2009)
>
> This is installed on fedora Core 10 x68_64.
>
> Many thanksClamAV
>
> Greg
>
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list