eset av doesn't appear in log and notices

Wed Mar 10 09:05:55 GMT 2010

I can onyl help by stating im running allmost identical setup

Debian lenny and 4.78.9

My eset is from a .deb with version 3.0.15 and name "Eset security for
linux server"

My mailscanner.conf looks like:

Virus Scanners = clamd esets f-secure

Debug looks like:

Virus and Content Scanning: Starting
Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com
Virus Scanning: Clamd found 1 infections
name="./1/eicar.com", threat="Eicar test file", action="", info=""
Virus Scanning: esets found 1 infections
Virus Scanning: F-Secure found virus EICAR_Test_File
./1/eicar.com: Infected: EICAR_Test_File [FSE]
Virus Scanning: F-Secure found virus EICAR-Test-File
./1/eicar.com: Infected: EICAR-Test-File [AVP]
Virus Scanning: F-Secure found 1 infections
Infected message 1 came from 10.1.1.1
Virus Scanning: Found 3 viruses

Im not sure what cuodl be wrong in ur case unfortunately...

Best regards

Jonas A. Larsen

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Viktor Matys - Grumpa.Net
> Sent: 9. marts 2010 13:19
> To: mailscanner at lists.mailscanner.info
> Subject: eset av doesn't appear in log and notices
> 
> Hello,
> 
> I installed Eset antivirus 3 for fileservers on Debian Lenny with
MailScanner
> 4.74. I added "esets" into directive Virus Scanner, so it looks this
way:
> 
> Virus Scanners = clamav esets
> 
> If I test it by sending a testing e-mail with eicar.com, I can see in
log:
> 
> Mar  9 12:22:49 host1 MailScanner[25504]: Viruses marked as silent:
> ClamAV: eicar.com contains Eicar-Test-Signature
> 
> but nothing about Eset.
> 
> Also the notification e-mail contains:
> 
> ClamAV: eicar.com contains Eicar-Test-Signature
> MailScanner: Executable DOS/Windows programs are dangerous in email
> (eicar.com)
> 
> and nothing about eset again.
> 
> I try to run eset wrapper by hand and the result is o.k.:
> 
> # /etc/MailScanner/wrapper/esets-wrapper /usr/sbin /root/eicar.com
> 
> Scan started at:   Tue 09 Mar 2010 12:40:28 PM CET
> name="/root/eicar.com", threat="Eicar test file", action="", info=""
> 
> Scan completed at: Tue 09 Mar 2010 12:40:28 PM CET
> Scan time:         0 sec (0:00:00)
> Total:             files - 1, objects 1
> Infected:          files - 1, objects 1
> Cleaned:           files - 0, objects 0
> 
> # echo $?
> 50
> 
> 
> This looks fine. So, where is the mistake?
> 
> Thanks for your kind advices :o)
> 
> Viktor Matys
> 
> 
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website!