<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title></title>
</head>
<body>
Thank-you Julian<br>
<br>
I thought I had performed this file-renaming correctly, but now looking at
*sophos-wrapper and *sophos-autoupdate I see the dates are from November
of last year. I had deleted the new scripts and kept the old ones! <span
class="moz-smiley-s7"><span> :-\ </span></span><br>
I have now extracted these 2 scripts from MailScanner-4.12-2.noarch.rpm and
placed them in /usr/lib/MailScanner and everything now seems to work correctly.<br>
<br>
Does this now mean that I wont be getting those hourly emails from cron anymore?
<span class="moz-smiley-s1"><span> :-) </span></span><br>
And to think that all this time, I thought the cron emails were a 'nice'
feature letting me know that the script was running.....huh!<br>
<br>
Thanks again<br>
Ryan Pitt<br>
<br>
Julian Field wrote:<br>
<blockquote type="cite"
cite="mid5.2.0.9.2.20030228144032.040d44e8@imap.ecs.soton.ac.uk"> Have
you got a<br>
/usr/lib/MailScanner/sophos-wrapper.rpmnew<br>
file?<br>
If so, please<br>
cd /usr/lib/MailScanner<br>
mv sophos-wrapper.rpmnew sophos-wrapper<br>
<br>
For some reason your current sophos-wrapper isn't the version that handles
the "-IsItInstalled" command-line switch. I mentioned this on the downloads
page, and there's even a little script there to do all the relevant renaming
for you.<br>
<br>
At 14:23 28/02/2003, you wrote:<br>
<blockquote type="cite" class="cite" cite="">My Cron log shows the following
entry every hour.<br>
This seems to be the only entry referring to cron.hourly.<br>
<br>
*******start of cron entry*********<br>
Feb 28 09:01:00 ctmail CROND[1498]: (root) CMD (run-parts /etc/cron.hourly)<br>
*******end of cron entry**********<br>
<br>
I looked in /etc/cron.hourly and there are 2 scripts:<br>
*check_mailscanner<br>
*update_virus_scanners<br>
<br>
I also get an email from the Cron Daemon every hour which is pasted below.<br>
I appologize for the large post guys.<br>
<br>
Again, the ide's are now up to date as I had run the autoupdate script manually
this morning.<br>
<br>
<br>
*********start of pasted email**********<br>
<br>
<pre>/etc/cron.hourly/update_virus_scanners:
SWEEP virus detection utility
Version 3.66, February 2003 [Linux/Intel]
Includes detection for 79566 viruses, trojans and worms
Copyright (c) 1989,2003 Sophos Plc,
<a href="http://www.sophos.com">www.sophos.com</a>
System time 09:01:01, System date 28 February 2003
Command line qualifiers are: -IsItInstalled
IDE directory is: /usr/local/Sophos/ide
Using IDE file van-a.ide
Using IDE file aro-a.ide
Using IDE file lovgated.ide
Using IDE file oror-r.ide
Using IDE file ekiam-a.ide
Using IDE file lovgatea.ide
Using IDE file lovgateb.ide
Using IDE file gibe-d.ide
Using IDE file axam-a.ide
Using IDE file cian-c.ide
Using IDE file igloo15.ide
Using IDE file tkbot-a.ide
Using IDE file seeker-c.ide
Using IDE file dload-bo.ide
Using IDE file manife-a.ide
Using IDE file slanreta.ide
Using IDE file sadhound.ide
Using IDE file netspree.ide
Using IDE file opaservl.ide
Using IDE file ororfam.ide
Using IDE file sahay-a.ide
Using IDE file oror-l.ide
Using IDE file opaservj.ide
Using IDE file moon-b.ide
Using IDE file replog-f.ide
Using IDE file sobig-a.ide
Using IDE file avril-b.ide
Invalid option '-IsItInstalled'
The following options may be prefixed with 'n' to invert their meaning
(for example, '-nsc' is the inverse of '-sc'). [*] indicates the option
is the default:
-sc [*] : SWEEP inside dynamically
compressed executables
-f [ ] : Full SWEEP
-di [ ] : Disinfect infected items
-s [*] : Run silently (do not list
files swept)
-c [*] : Ask for confirmation before
disinfection/deletion
-b [*] : Sound bell on virus
detection
-all [ ] : SWEEP all files
-rec [*] : Do recursive SWEEP
-remove [ ] : Remove infected objects
-dn [ ] : Display names of files as they
are scanned
-ss [ ] : Don't display anything except on
error or virus
-eec [ ] : Use extended error codes
-ext=XXX,.. : Specify additional extensions to SWEEP
-p=<file> : Write to logfile <file>
-v : Display
complete version information and exit
-h : Display
this help and exit
The following options are related to archives and other special file
types:
-zip [ ] : SWEEP inside ZIP
archives
-gzip [ ] : SWEEP inside GZIP compressed
files
-arj [ ] : SWEEP inside ARJ
archives
-cmz [ ] : SWEEP inside
Unix-compressed files
-tar [ ] : SWEEP inside TAR
archives
-rar [ ] : SWEEP inside RAR
archives
-cab [ ] : SWEEP inside Microsoft
Cabinet files
-archive [ ] : All of the above
-loopback [ ] : SWEEP inside loopback-type files
-tnef [ ] : SWEEP inside TNEF files
The following options may be prefixed with 'no-' to invert their
meaning
(for example, '--no-reset-atime' is the inverse of '--reset-atime'.
[*]
indicates the option is the default:
--reset-atime [*] :
Reset file access time after SWEEPing
The following options are Unix-specific, and may be prefixed with 'no-'
to invert their meaning (for example, '--no-follow-symlinks' is the
inverse of '--follow-symlinks'). [*] indicates the option is the
default:
--follow-symlinks [*] : SWEEP the
object pointed to by symbolic links
--stay-on-filesystem [ ] : Attempt not to leave the
starting filesystem
(i.e. do not traverse mount points)
--stay-on-machine [*] : Attempt not
to leave the starting machine
(i.e. do not traverse remote mount points)
--skip-special [*]
: Do not scan 'special' objects (/dev, /proc,
/devices etc.)
--backtrack-protection [*] : Prevent repetition of work
('backtracking')
due to symbolic links
--preserve-backtrack [*] : Preserve the backtracking
information for
the duration of this run
--examine-x-bit [ ] :
Check files with an execute bit set
--show-file-details [ ] : Show file ownership
and permissions when
displaying filenames
--quarantine
[ ] : (Simple form of --quarantine option)
If file is infected with virus, attempt to
change file owner to user running SWEEP, and
permissions to -r-------- (0400)
--quarantine:<uid=nnn>,<user=username>,
<gid=nnn>,<group=groupname>,<mode=ppp>
[ ] : (Detailed form of --quarantine option)
If file is infected with virus, attempt to
change file ownership, group ownership, and
permissions to those specified as
uid/username, gid/groupname, and mode.
--args-file=<file>
: Read command line arguments (both options and
directory/filenames) from file, taking
arguments from the command line again when
the end of the file is reached. A value of -
for <file> specifies taking input from stdin.
A small number of command line options may
not be used within an args file, namely:-
-eec, -neec, -p=, -s, -ns, -dn, -ndn.
These can only be specified from the command
line.
The following options are specific to Linux and FreeBSD only.
-mbr [ ] : SWEEP master boot records
on all (physical) hard disks
-bs=X,... [ ] : SWEEP boot sector of each drive listed
-bs [ ] : SWEEP boot sectors
on all (logical) drives
You need to have superuser rights in order to scan boot sectors.
********end of pasted email**********
</pre>
<br>
Steve Evans wrote:<br>
<blockquote type="cite" class="cite" cite=""><br>
<pre>What do your logs tell you? Does it show the Sophos update script
being
run at all?
Steve Evans
SDSU Foundation
(619) 594-0653
-----Original Message-----
From: Ryan Pitt
[<a href="mailto:ryan@MARINOCRANE.COM">mailto:ryan@MARINOCRANE.COM</a>]
Sent: Friday, February 28, 2003 5:43 AM
To:
<a href="mailto:MAILSCANNER@JISCMAIL.AC.UK">MAILSCANNER@JISCMAIL.AC.UK</a>
The autoupdate feature for Sophos does not seem to be working for me.
It appears to me that the sophos-autoupdate script is not being run at
any specific interval.
I updated MailScanner and Sophos 3 days ago. The ide's had not
been
updated for those 3 days until I ran the autoupdate script manually
this
morning.
Please could someone tell me where this script is supposed to be called
from and what to look for?
My setup is:
RH 7.2
Sendmail
MailScanner 4.12-2
Sophos 3.66
Thank you
Ryan Pitt
</pre>
</blockquote>
<br>
<font size="2" color="#808080">--- <br>
This message has been scanned for viruses and dangerous content by MailScanner,
<br>
and is believed to be clean.</font> </blockquote>
<br>
<div>-- </div>
<div>Julian Field</div>
<div><a href="http://www.mailscanner.info/" eudora="AUTOURL">www.MailScanner.info</a></div>
MailScanner thanks transtec Computers for their support <font
color="#808080" size="2">--- <br>
This message has been scanned for viruses and dangerous content by MailScanner,
<br>
and is believed to be clean.</font> </blockquote>
<br>
</body>
<font color="#808080" size="2">---
<br>This message has been scanned for viruses and dangerous content by
MailScanner,
<br>and is believed to be clean.</font>
</html>