detected virus mails still getting delivered

Ryan Braganza ryan.virgo at gmail.com
Fri Mar 1 03:36:28 GMT 2013


Hi

Iam facing a typical problem, in this case am using mailscanner-4.70.7-1
with bitdefender-scanner-7.6-4 .. The virus in mails is getting detected
but is still delivered to the users mailbox. Below is a log of one such
transaction

New Batch: Scanning 1 messages, 56072 bytes
Mar  1 09:02:13 demo1 MailScanner[11182]: Virus and Content Scanning:
Starting
Mar  1 09:02:18 demo1 MailScanner[11185]: MailScanner E-Mail Virus Scanner
version 4.70.7 starting...
Mar  1 09:02:18 demo1 MailScanner[11185]: SpamAssassin temporary working
directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
Mar  1 09:02:18 demo1 MailScanner[11185]: Using locktype = flock
Mar  1 09:02:19 demo1 MailScanner[11182]:
/var/spool/MailScanner/incoming/11182/0345E427247.16030/Ticket.zip=>Ticket.exe:infected:
Trojan.Agent.ATXG
Mar  1 09:02:19 demo1 MailScanner[11182]: Virus Scanning: Bitdefender found
1 infections
Mar  1 09:02:19 demo1 MailScanner[11182]: Virus Scanning: Found 1 viruses

MILTER: Processing mail in scan_source_destination for mail restrictions
Mar  1 09:02:19 demo1 MailScanner[11182]: MILTER: email-subject: Test Mail
Mar  1 09:02:19 demo1 MailScanner[11182]: MILTER: Ultimately the mail sent
only to RCPTs: a2 at mumbai.demo2.nsfleximail.com
Mar  1 09:02:19 demo1 MailScanner[11182]: Requeue: 0345E427247.16030 to
15FA3427249


USAGE a2 user: 0.003999 sys: 0.003999
Mar  1 09:02:19 demo1 postfix/lmtp[11189]: 15FA3427249: to=<
a2 at mumbai.demo2.nsfleximail.com>, orig_to=<a2 at demo2.nsfleximail.com>, relay=
mumbai.demo1.nsfleximail.com[/var/lib/imap/socket/lmtp], delay=6.7,
delays=6.6/0.01/0.01/0.15, dsn=2.1.5, status=sent (250 2.1.5 Ok
SESSIONID=<demo1.nsfleximail.com-10421-1362108739-1>)
Mar  1 09:02:19 demo1 postfix/lmtp[11189]: ECMPLOG : 15FA3427249|55381|<
idcalerts at netcore.co.in>|<a2 at mumbai.demo2.nsfleximail.com>|DOM|
mumbai.demo1.nsfleximail.com[/var/lib/imap/socket/lmtp]|-> 250 2.1.5 Ok
SESSIONID=<demo1.nsfleximail.com-10421-1362108739-1>|6|sent
Mar  1 09:02:19 demo1 postfix/qmgr[11148]: 15FA3427249: removed


-- 
-------------------------------------------------------------------------------------------------
*No matter how bad the day is...
There is always a bike ride back home... :-)
*
-------------------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130301/28350025/attachment.html 


More information about the MailScanner mailing list