Mailscanner / Sophos does not block viruses
ci at holmco.de
ci at holmco.de
Thu Nov 7 11:45:04 GMT 2013
Hello,
we are running Mailscanner with Sophos Antivirus as virus scanner.
So far it's working, but Mailscanner does not block the attachment.
I made sure that sophos-wrapper is executed by Mailscanner. The
resulting sophos command line scans and detects files in the spool
directory and delivers exit status > 0.
Mailscanner notices that the mail is infected. The admin gets
information mail from Mailscanner:
------------------------------------------------------------------------
Subject: [SAV-LINUX] Threat detected during on-demand scan on <mailserver>
To: admin at domain.tld
A threat was detected during an on-demand scan. Details follow:
3 files scanned.
Number of infections detected: 1
Number of infected files detected: 1
/var/spool/MailScanner/incoming/10458/1VeN1P-0002nK-8i/neicar.txt is infected
with EICAR-AV-Test.
------------------------------------------------------------------------
The mail reaches the receiptient *with* eicar still attached.
What's going wrong here?
Greetings,
--
R. Cirksena <ci at holmco.de>
More information about the MailScanner
mailing list