esets false positive

Nerijus Baliunas nerijus at users.sourceforge.net
Thu Oct 11 09:22:13 UTC 2018


Hello,

I use the latest mailscanner 5.1.1-1 with esets. It works OK, but occasionally
it "detects" viruses in harmless files. For example:

Oct 11 11:55:18 mail MailScanner[3063]: New Batch: Scanning 1 messages, 4623339 bytes
Oct 11 11:55:19 mail MailScanner[3063]: Virus and Content Scanning: Starting
Oct 11 11:55:24 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:24 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Virus Scanning: esets found 17 infections
Oct 11 11:55:26 mail MailScanner[3063]: Infected message 9231B2A14054.A15A2 came from 192.168.x.x
Oct 11 11:55:26 mail MailScanner[3063]: Virus Scanning: Found 17 viruses

While a real virus output looks like this:
Oct 11 01:39:44 mail MailScanner[4184]: New Batch: Scanning 1 messages, 2104 bytes
Oct 11 01:39:44 mail MailScanner[4184]: Virus and Content Scanning: Starting
Oct 11 01:39:49 mail MailScanner[4184]: Esets::INFECTED::Eicar test file
Oct 11 01:39:49 mail MailScanner[4184]: Esets::INFECTED::Eicar test file
Oct 11 01:39:49 mail MailScanner[4184]: Esets::INFECTED::Eicar test file
Oct 11 01:39:49 mail MailScanner[4184]: Virus Scanning: esets found 3 infections
Oct 11 01:39:49 mail MailScanner[4184]: Infected message EF7F72A14053.A770C came from 5.2.x.x
Oct 11 01:39:49 mail MailScanner[4184]: Virus Scanning: Found 3 viruses

How do I debug this?

Regards,
Nerijus
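
A log triage sketch for the symptom shown in the post, added here as an example and not part of the original message or of MailScanner's own code: it groups syslog lines by MailScanner child PID and flags infected messages for which every `Esets::INFECTED::` line has an empty threat name. The sample log is constructed in the format quoted above; the function name `triage` and the record fields are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the same format as the log lines quoted in the post.
SAMPLE_LOG = """\
Oct 11 11:55:19 mail MailScanner[3063]: Virus and Content Scanning: Starting
Oct 11 11:55:24 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Esets::INFECTED::
Oct 11 11:55:25 mail MailScanner[3063]: Virus Scanning: esets found 2 infections
Oct 11 11:55:26 mail MailScanner[3063]: Infected message AAAA00000001.A0001 came from 192.0.2.10
Oct 11 01:39:44 mail MailScanner[4184]: Virus and Content Scanning: Starting
Oct 11 01:39:49 mail MailScanner[4184]: Esets::INFECTED::Eicar test file
Oct 11 01:39:49 mail MailScanner[4184]: Virus Scanning: esets found 1 infections
Oct 11 01:39:49 mail MailScanner[4184]: Infected message BBBB00000002.B0002 came from 198.51.100.7
"""

LINE = re.compile(r"MailScanner\[(\d+)\]: (.*)$")
HIT = re.compile(r"^Esets::INFECTED::(.*)$")
MSG = re.compile(r"^Infected message (\S+) came from (\S+)")

def triage(log_text):
    """One record per infected message. Hit lines carry no message id,
    so the hit counts are those of the whole batch of that child PID."""
    pending = defaultdict(lambda: {"named": [], "unnamed": 0})
    results = []
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue
        pid, body = m.group(1), m.group(2)
        if body.startswith("Virus and Content Scanning: Starting"):
            pending.pop(pid, None)  # new batch for this child: reset counters
        elif (h := HIT.match(body)):
            name = h.group(1).strip()
            if name:
                pending[pid]["named"].append(name)
            else:
                pending[pid]["unnamed"] += 1  # detection logged without a threat name
        elif (i := MSG.match(body)):
            state = pending[pid]
            results.append({"message": i.group(1), "source": i.group(2),
                            "threats": sorted(set(state["named"])),
                            "unnamed_hits": state["unnamed"],
                            "suspect": state["unnamed"] > 0 and not state["named"]})
    return results

if __name__ == "__main__":
    for record in triage(SAMPLE_LOG):
        print(record)
```

Records with `suspect` set give the queue ids of the messages to pull from quarantine and rescan by hand with the scanner's own command line, so its raw output can be compared with what MailScanner logged.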

