detected virus mails still getting delivered
Ryan Braganza
ryan.virgo at gmail.com
Sat Mar 2 12:32:51 GMT 2013
Thanks Martin, I upgraded to the latest MS and the problem got solved
On Fri, Mar 1, 2013 at 4:59 PM, Martin Hepworth <maxsec at gmail.com> wrote:
> and your email rules for what do in this case are what?
> --
> Martin Hepworth, CISSP
> Oxford, UK
>
>
> On 1 March 2013 03:36, Ryan Braganza <ryan.virgo at gmail.com> wrote:
>
>>
>> Hi
>>
>> Iam facing a typical problem, in this case am using mailscanner-4.70.7-1
>> with bitdefender-scanner-7.6-4 .. The virus in mails is getting detected
>> but is still delivered to the users mailbox. Below is a log of one such
>> transaction
>>
>> New Batch: Scanning 1 messages, 56072 bytes
>> Mar 1 09:02:13 demo1 MailScanner[11182]: Virus and Content Scanning:
>> Starting
>> Mar 1 09:02:18 demo1 MailScanner[11185]: MailScanner E-Mail Virus
>> Scanner version 4.70.7 starting...
>> Mar 1 09:02:18 demo1 MailScanner[11185]: SpamAssassin temporary working
>> directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
>> Mar 1 09:02:18 demo1 MailScanner[11185]: Using locktype = flock
>> Mar 1 09:02:19 demo1 MailScanner[11182]:
>> /var/spool/MailScanner/incoming/11182/0345E427247.16030/Ticket.zip=>Ticket.exe:infected:
>> Trojan.Agent.ATXG
>> Mar 1 09:02:19 demo1 MailScanner[11182]: Virus Scanning: Bitdefender
>> found 1 infections
>> Mar 1 09:02:19 demo1 MailScanner[11182]: Virus Scanning: Found 1 viruses
>>
>> MILTER: Processing mail in scan_source_destination for mail restrictions
>> Mar 1 09:02:19 demo1 MailScanner[11182]: MILTER: email-subject: Test
>> Mail
>> Mar 1 09:02:19 demo1 MailScanner[11182]: MILTER: Ultimately the mail
>> sent only to RCPTs: a2 at mumbai.demo2.nsfleximail.com
>> Mar 1 09:02:19 demo1 MailScanner[11182]: Requeue: 0345E427247.16030 to
>> 15FA3427249
>>
>>
>> USAGE a2 user: 0.003999 sys: 0.003999
>> Mar 1 09:02:19 demo1 postfix/lmtp[11189]: 15FA3427249: to=<
>> a2 at mumbai.demo2.nsfleximail.com>, orig_to=<a2 at demo2.nsfleximail.com>,
>> relay=mumbai.demo1.nsfleximail.com[/var/lib/imap/socket/lmtp],
>> delay=6.7, delays=6.6/0.01/0.01/0.15, dsn=2.1.5, status=sent (250 2.1.5 Ok
>> SESSIONID=<demo1.nsfleximail.com-10421-1362108739-1>)
>> Mar 1 09:02:19 demo1 postfix/lmtp[11189]: ECMPLOG : 15FA3427249|55381|<
>> idcalerts at netcore.co.in>|<a2 at mumbai.demo2.nsfleximail.com>|DOM|
>> mumbai.demo1.nsfleximail.com[/var/lib/imap/socket/lmtp]|-> 250 2.1.5 Ok
>> SESSIONID=<demo1.nsfleximail.com-10421-1362108739-1>|6|sent
>> Mar 1 09:02:19 demo1 postfix/qmgr[11148]: 15FA3427249: removed
>>
>>
>> --
>> -------------------------------------------------------------------------------------------------
>> *No matter how bad the day is...
>> There is always a bike ride back home... :-)
>> *
>> -------------------------------------------------------------------------------------------------
>>
>>
>>
>>
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
>>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
--
-------------------------------------------------------------------------------------------------
*No matter how bad the day is...
There is always a bike ride back home... :-)
*
-------------------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130302/c225a7d6/attachment.html
More information about the MailScanner
mailing list