How MS treats spam-virus with Sanesecurity
Neil
nwilson123 at gmail.com
Mon Jan 21 09:08:08 UTC 2019
Hi guys,
Apologies in advance, I'm not sure if this is a question for MS, MW or
Sansecurity but I've just discovered that despite my Sansecurity sigs
picking up that this email was a spam email, it hasn't blocked it or added
points to the spam score as per the logs below...
Jan 18 09:56:35 MailScanner[3219]:
Clamd::INFECTED::Sanesecurity.Phishing.Fake.Coin.27561.UNOFFICIAL ::
./CAC9885AC.A3148/
Jan 18 09:56:35 MailScanner[3219]: Found spam-virus
Sanesecurity.Phishing.Fake.Coin.27561.UNOFFICIAL in CAC9885AC.A3148
Jan 18 09:56:35 MailScanner[3219]: Clamd::INFECTED::
Sanesecurity.Phishing.Fake.Coin.27561.UNOFFICIAL ::
./CAC9885AC.A3148/msg-3219-52.txt
Jan 18 09:56:35 MailScanner[3219]: Found spam-virus
Sanesecurity.Phishing.Fake.Coin.27561.UNOFFICIAL in CAC9885AC.A3148
Jan 18 09:57:02 MailScanner[3219]: Requeue: CAC9885AC.A3148 to 700638613
Jan 18 09:57:02 MailScanner[3219]: Logging message CAC9885AC.A3148 to SQL
Jan 18 09:57:02 MailScanner[8432]: CAC9885AC.A3148: Logged to MailWatch SQL
Looking in Mailwatch I only see the following points
0.15 BITCOIN_DEADLINE
2.00 DCC_CHECK Detected as bulk mail by DCC (dcc-servers.net)
I've looked through my MS config and can't seem to find any actions for
spam-virus, or how to tell either Clamd, or Sane security to add points for
this.
Should I have a custom spam assassin rule perhaps that adds points for
emails marked with my "Spam-Virus Header" perhaps?
How do others treat this type of infection please?
Any assistance or guidance is appreciated!
Thank you.
Regards.
Neil Wilson.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20190121/8298be7d/attachment.html>
More information about the MailScanner
mailing list