Yesterday I had a user complained because a word doc was marked as 'suspicious' with filescan. I had the file quarantined, and ran it through with the scan.pl perl interface to File::Scan and it does not detect an suspicious items on the scan. Any idea how I can troubleshoot this? Do I need to save the raw work directory, when a suspicious item is detected, so I can determein the exact raw format it is scanning? Anyone have code to do this?
It is a very strange problem. It is the first time an item has been marked like this in 90K emails. I turned off blocking of items marked as suspicious with File::Scan, while I troubleshoot it. -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
