MailScanner blocking ClamAV emails
wt at dld2000.com
Sat Mar 25 11:45:07 UTC 2017
I'm not sure what a Sane rule is.
On 3/25/2017 7:40 AM, Jerry Benton wrote:
> Whitelisting in MailScanner. Whitelisting is for spam checks. You will
> need to whitelist in clamav. It looks like a Sane rule is catching it?
> Jerry Benton
> www.mailborder.com <http://www.mailborder.com>
> +1 - 844-436-6245
>> On Mar 25, 2017, at 7:38 AM, Walt Thiessen <wt at dld2000.com
>> <mailto:wt at dld2000.com>> wrote:
>> I have MailScanner set to check all inbound and outbound email using
>> I have ClamAV set up to send me an email each day informing me of any
>> possible infections.
>> For about a week or two now, this email has failed to arrive.
>> My admins found the problem. ClamAV is apparently blocking itself via
>> From the maillog:
>> [root at server ~]# grep 1cqtVW-0002rF-UX /var/log/maillog
>> Mar 22 23:33:50 server MailScanner: Filename Checks: Allowing
>> 1cqtVW-0002rF-UX clamav-2017-03-22.log (no rule matched)
>> Mar 22 23:33:51 server MailScanner: Filetype Checks: Allowing
>> 1cqtVW-0002rF-UX clamav-2017-03-22.log
>> Mar 22 23:33:51 server MailScanner: Clamd::INFECTED::
>> YARA.r57shell_php_php.UNOFFICIAL ::
>> Mar 22 23:33:51 server MailScanner: Infected message 1cqtVW-0002rF-UX
>> came from 127.0.0.1
>> Mar 22 23:33:51 server MailScanner: 1cqtVW-0002rF-UX: Received for
>> MailControl Database
>> Mar 22 23:33:51 server MailScanner: 1cqtVW-0002rF-UX: MailControl
>> cannot insert row: %%C7RPN1O2FYP5LGSYVTBFOC2X10OGEDRXXIPRGRGJJJI5KDWFI8S
>> We tried whitelisting root at server or 127.0.0.1, but it didn't help.
>> Any ideas?
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> <mailto:mailscanner at lists.mailscanner.info>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the MailScanner