Potential incompatibility between MailScanner and avg8

Eliott eliott100 at gmail.com
Fri Feb 12 16:10:59 GMT 2010 

Hi!

Works like charm, tested it with single and multiple scanners (together with
clamd). Just fyi, there are still some parsing issues if the file is zipped,
but I suppose that does not matter.

Thanks very much
regards
Eliott

--------
Feb 12 15:46:44 localhost MailScanner[12357]: New Batch: Scanning 1
messages, 1541 bytes
Feb 12 15:46:44 localhost MailScanner[12357]: Filename Checks: Windows/DOS
Executable (o1CEkcZm012430 eicar.com)
Feb 12 15:46:44 localhost MailScanner[12357]: Other Checks: Found 1 problems
Feb 12 15:46:44 localhost MailScanner[12357]: Virus and Content Scanning:
Starting
Feb 12 15:46:45 localhost MailScanner[12357]: Avg: Virus identified
EICAR_Test in eicar_com.zip->eicar.com
Feb 12 15:46:45 localhost MailScanner[12357]: Avg: Virus identified
EICAR_Test in eicar_com.zip
Feb 12 15:46:46 localhost MailScanner[12357]: Avg: Virus identified
EICAR_Test in zeicar.com
Feb 12 15:46:46 localhost MailScanner[12357]: Virus Scanning: Avg found 3
infections
--------

Many thanks
Eliott

On Fri, Feb 12, 2010 at 2:52 PM, Julian Field
<MailScanner at ecs.soton.ac.uk>wrote:

> I have just released version 4.80.1 beta for you, which contains the AVG8
> support you wanted.
>
> Best regards,
> Jules.
>
>
> On 12/02/2010 12:42, Julian Field wrote:
>
>> I'll put out a new beta including support for AVG8 after I've had some
>> lunch.
>> It's all working.
>> :-)
>>
>> Jules.
>>
>> On 12/02/2010 11:50, Eliott wrote:
>>
>>> Hi!
>>>
>>> Thanks, this is the command to execute:  avgscan -arch . (by default it
>>> does not search archives)
>>> The output is attached, there are strange control characters in the
>>> fiile, this might be realted to out problem.
>>> Avg itself can be downloaded from:
>>> http://free.avg.com/us-en/download?prd=afl
>>> The free edition is free for personal use.
>>> Regards
>>> Eliott
>>>
>>>
>>> On Thu, Feb 11, 2010 at 5:13 PM, Julian Field <
>>> MailScanner at ecs.soton.ac.uk <mailto:MailScanner at ecs.soton.ac.uk>> wrote:
>>>
>>>    Can you do a scan something like this (where "avg8" is whatever
>>>    your virus scanner command is called):
>>>    1. Put an eicar_com.zip containing eicar.com <http://eicar.com>
>>>    into /tmp/eicar_com.zip
>>>    2. Do these 2 commands:
>>>    cd /tmp
>>>    avg8 . > /root/avg8.output
>>>    3. Mail me a copy of the avg8.output file.
>>>
>>>    Ideally, if you could put the entire avg8 package somewhere I can
>>>    download it (don't publish the URL, just send it to me off-list)
>>>    and send me a valid licence for it as well, I will write the
>>>    support you need.
>>>
>>>    Don't worry about your licence, it will *only* be used for my
>>>    development purposes, I won't let it leak out anywhere or use it
>>>    for anything else.
>>>
>>>    Jules.
>>>
>>>
>>>    On 11/02/2010 15:58, Eliott wrote:
>>>
>>>        Hi!
>>>
>>>        Can anybody help me further on this? I have the same setup
>>>        with  Linux 2.6.9-78.0.8.ELsmp , Perl version 5.008005 (5.8.5)
>>>        and MailScanner version 4.70.7  with avg7 working, so I
>>>        suppose it must be an avg8 issue.
>>>        this is what I get when running avgscan standalone:
>>>        AVG command line Anti-Virus scanner
>>>        Copyright (c) 2009 AVG Technologies CZ
>>>
>>>        Virus database version: 271.1.1/2677
>>>        Virus database release date: Tue, 09 Feb 2010 08:35:00 +01:00
>>>
>>>        /root/eicar_com.zip:/eicar.com <http://eicar.com>
>>> <http://eicar.com>  Virus identified EICAR_Test
>>>
>>>        /root/eicar_com.zip  Virus identified EICAR_Test
>>>
>>>        Files scanned     :  2(1)
>>>        Infections found  :  2(1)
>>>
>>>        thanks in advance
>>>        eliott
>>>
>>>
>>>
>>>        On Fri, Jan 22, 2010 at 1:48 PM, Eliott <eliott100 at gmail.com
>>> <mailto:eliott100 at gmail.com> <mailto:eliott100 at gmail.com
>>> <mailto:eliott100 at gmail.com>>> wrote:
>>>
>>>           Hi!
>>>
>>>           we are about to migrate an old imlementation while
>>>        upgrading all
>>>           the components and came across a strange problem.
>>>           With MailScanner  4.78.17 and avg 8.5.288 we see the
>>>        following log
>>>           entries:
>>>           --------------
>>>           Jan 18 15:47:23 localhost MailScanner[4725]: New Batch:
>>>        Scanning 1
>>>           messages, 1338 bytes
>>>           Jan 18 15:47:23 localhost MailScanner[4725]: Virus and Content
>>>           Scanning: Starting
>>>           Jan 18 15:47:23 localhost MailScanner[4725]: Avg: Virus
>>>        identified
>>>           EICAR_Test in eicar.txt
>>>           Jan 18 15:47:23 localhost MailScanner[4725]: Virus
>>>        Scanning: Avg
>>>           found 1 infections
>>>           Jan 18 15:47:23 localhost MailScanner[4725]: Infected message
>>>           ESC[2Ko0IElNL7004734 came from
>>>           Jan 18 15:47:23 localhost MailScanner[4725]: Virus
>>>        Scanning: Found
>>>           1 viruses
>>>           Jan 18 15:47:24 localhost MailScanner[4725]: Uninfected:
>>>        Delivered
>>>           1 messages
>>>           Jan 18 15:47:24 localhost MailScanner[4725]: Deleted 1 messages
>>>           from processing-database
>>>           smtp2225, pri=120812, relay=[10.0.20.10] [10.0.20.10],
>>>        dsn=2.0.0,
>>>           stat=Sent (Message accepted for delivery)
>>>           ---------------
>>>           I have checked SweepVisuses.pm, but there the output seems
>>>        to be
>>>           parsed well. Is this a configuration issue or a bug?
>>>
>>>           Thanks and regards
>>>           Eliott
>>>
>>>
>>>
>>>
>>>    Jules
>>>
>>>    --     Julian Field MEng CITP CEng
>>>    www.MailScanner.info <http://www.MailScanner.info>
>>>    Buy the MailScanner book at www.MailScanner.info/store
>>> <http://www.MailScanner.info/store>
>>>
>>>    Need help customising MailScanner?
>>>    Contact me!
>>>    Need help fixing or optimising your systems?
>>>    Contact me!
>>>    Need help getting you started solving new requirements from your boss?
>>>    Contact me!
>>>
>>>    PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>>>    Follow me at twitter.com/JulesFM <http://twitter.com/JulesFM> and
>>>    twitter.com/MailScanner <http://twitter.com/MailScanner>
>>>
>>>
>>>    --     This message has been scanned for viruses and
>>>    dangerous content by MailScanner, and is
>>>    believed to be clean.
>>>
>>>    --     MailScanner mailing list
>>>    mailscanner at lists.mailscanner.info
>>> <mailto:mailscanner at lists.mailscanner.info>
>>>    http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>>
>>>    Before posting, read http://wiki.mailscanner.info/posting
>>>
>>>    Support MailScanner development - buy the book off the website!
>>>
>>>
>>>
>> Jules
>>
>>
> Jules
>
> --
> Julian Field MEng CITP CEng
> www.MailScanner.info
> Buy the MailScanner book at www.MailScanner.info/store
>
> Need help customising MailScanner?
> Contact me!
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM and twitter.com/MailScanner
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20100212/d00d9fca/attachment.html

More information about the MailScanner mailing list