Mailscanner passing a virus
John E
johne14419 at gmail.com
Fri Dec 20 00:41:11 UTC 2019
> One of our users got a virus today. A Mal/DocDl-K word document. I've> resent it to myself multiple times, and MailScanner knows it is a virus> in the maillog file:> > Dec 19 13:10:01 revere MailScanner[25330]: >>> Virus 'Mal/DocDl-K' found> in file /var/pool/MailScanner/incoming/25330/xBJK9VH2030335/nbonus> 2019.doc> > But no {VIRUS?} tag is added to the subject line and no headers are> added to the email, so it gets delivered as normal, which is less than> ideal.> > But I'm kind of stumped as what I need to look at or debug.> > MailScanner version is 5.0.3 with sendmail running on RHEL6.10. Any> advice is appreciated.>
Version 5.0.3 is quite old now (2016 vintage?).
The "/var/pool" instead of "/var/spool" part of the path above is an
indication of
a sophos/AVG specific bug in Mailscanner that got fixed in version v5.1.3-2
01/27/2019 Changes in v5.1.3-2
==================================
...
- Fix AVG output parsing in SweepViruses.pm
- Fix absolute path in Sophos output parsing in SweepViruses.pm
I suggest upgrading to the latest version to get that bug fixed.
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20191219/03df00df/attachment.html>
More information about the MailScanner
mailing list