Potential incompatibility between MailScanner and avg8
Julian Field
MailScanner at ecs.soton.ac.uk
Thu Feb 11 16:13:59 GMT 2010
Can you do a scan something like this (where "avg8" is whatever your
virus scanner command is called):
1. Put an eicar_com.zip containing eicar.com into /tmp/eicar_com.zip
2. Do these 2 commands:
cd /tmp
avg8 . > /root/avg8.output
3. Mail me a copy of the avg8.output file.
Ideally, if you could put the entire avg8 package somewhere I can
download it (don't publish the URL, just send it to me off-list) and
send me a valid licence for it as well, I will write the support you need.
Don't worry about your licence, it will *only* be used for my
development purposes, I won't let it leak out anywhere or use it for
anything else.
Jules.
On 11/02/2010 15:58, Eliott wrote:
> Hi!
>
> Can anybody help me further on this? I have the same setup with Linux
> 2.6.9-78.0.8.ELsmp , Perl version 5.008005 (5.8.5) and MailScanner
> version 4.70.7 with avg7 working, so I suppose it must be an avg8 issue.
> this is what I get when running avgscan standalone:
> AVG command line Anti-Virus scanner
> Copyright (c) 2009 AVG Technologies CZ
>
> Virus database version: 271.1.1/2677
> Virus database release date: Tue, 09 Feb 2010 08:35:00 +01:00
>
> /root/eicar_com.zip:/eicar.com <http://eicar.com> Virus identified
> EICAR_Test
> /root/eicar_com.zip Virus identified EICAR_Test
>
> Files scanned : 2(1)
> Infections found : 2(1)
>
> thanks in advance
> eliott
>
>
>
> On Fri, Jan 22, 2010 at 1:48 PM, Eliott <eliott100 at gmail.com
> <mailto:eliott100 at gmail.com>> wrote:
>
> Hi!
>
> we are about to migrate an old imlementation while upgrading all
> the components and came across a strange problem.
> With MailScanner 4.78.17 and avg 8.5.288 we see the following log
> entries:
> --------------
> Jan 18 15:47:23 localhost MailScanner[4725]: New Batch: Scanning 1
> messages, 1338 bytes
> Jan 18 15:47:23 localhost MailScanner[4725]: Virus and Content
> Scanning: Starting
> Jan 18 15:47:23 localhost MailScanner[4725]: Avg: Virus identified
> EICAR_Test in eicar.txt
> Jan 18 15:47:23 localhost MailScanner[4725]: Virus Scanning: Avg
> found 1 infections
> Jan 18 15:47:23 localhost MailScanner[4725]: Infected message
> ESC[2Ko0IElNL7004734 came from
> Jan 18 15:47:23 localhost MailScanner[4725]: Virus Scanning: Found
> 1 viruses
> Jan 18 15:47:24 localhost MailScanner[4725]: Uninfected: Delivered
> 1 messages
> Jan 18 15:47:24 localhost MailScanner[4725]: Deleted 1 messages
> from processing-database
> smtp2225, pri=120812, relay=[10.0.20.10] [10.0.20.10], dsn=2.0.0,
> stat=Sent (Message accepted for delivery)
> ---------------
> I have checked SweepVisuses.pm, but there the output seems to be
> parsed well. Is this a configuration issue or a bug?
>
> Thanks and regards
> Eliott
>
>
>
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list