>>> [EMAIL PROTECTED] 25/01/06 15:05 >>>
Hi,
mail gateways running Solaris 9 with Sendmail 8-13.1 +Mimedefang 2.44
+
SpamAssassin 2.64 with Uvscan & ClamAv
Some of our staff received W32/[EMAIL PROTECTED] virus which were sent to
them as forwarded mail as Attachment. This means some MIME encoded virus
are slipping through. I did some test by forwarding virus infected mail
via gateway and it is getting through.
In mimedefang.pl, I added "--mime" flag for uvscan.
# Run uvscan
my($code, $category, $action) =
run_virus_scanner($Features{'Virus:NAI'} . " --noboot --secure
--allole ./Work 2>&1", "Found");
Changed file:
# Run uvscan
my($code, $category, $action) =
run_virus_scanner($Features{'Virus:NAI'} . " --noboot --secure
--mime --allole ./Work 2>&1", "Found");
After changing the gateway is detecting the virus which was not
detecting before. Is it safe to change it permanently? Couple of years
ago( during the Sobig virus) , I remember, the above is going permanent
feature.
Mathew
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
