Re: [qmailtoaster] Heuristics.PNG.CVE-2010-1205

[Eric Broch]

I really don't thinks it's a qmail issue but a clamav issue. That's why 
I suggested you contact the clamav mailing list.

On 6/17/2021 11:51 PM, ChandranManikandan wrote:
Thanks Eric,
Please advise if I need to do anything on my server to fix that.

On Thu, Jun 17, 2021 at 7:46 PM Eric Broch <ebr...@whitehorsetc.com 
<mailto:ebr...@whitehorsetc.com>> wrote:

    I would ask on the clamav mailing list.

    On 6/17/2021 2:05 AM, Mani Kandan wrote:
    Hi Eric,
    Do I need to run any patch to protect. I am using spamdyke and
    spamassassin services.



    On 16 Jun 2021, at 8:56 PM, Eric Broch <ebr...@whitehorsetc.com>
    <mailto:ebr...@whitehorsetc.com> wrote:

    

    Sorry, my fault, clam is not skipped for submission/smtps
    (authenticated clients), but it seems that spam scanning is skipped.

    On 6/15/2021 4:55 AM, Eric Broch wrote:
    It looks like it. I thought that clam check was skipped for
    submission/smtps
    On Jun 15, 2021, at 2:05 AM, ChandranManikandan
    <kand...@gmail.com <mailto:kand...@gmail.com>> wrote:

        Hi Eric,

        I have run your command and got the result below.

        /var/qmail/simscan/1623681711.351688.15737/msg.1623681711.351688.15737:
        Heuristics.PNG.CVE-2010-1205 FOUND
        /var/qmail/simscan/1623681711.351688.15737/YashwanthCP4_2.docx:
        Heuristics.PNG.CVE-2010-1205 FOUND
        /var/qmail/simscan/1623681775.41626.15918/msg.1623681775.41626.15918:
        Heuristics.PNG.CVE-2010-1205 FOUND
        /var/qmail/simscan/1623681775.41626.15918/YashwanthCP4_2.docx:
        Heuristics.PNG.CVE-2010-1205 FOUND
        SelfCheck: Database status OK.

        Is that generated from clamd? And is the server safe?


        On Wed, Jun 9, 2021 at 8:13 PM Eric Broch <
        ebr...@whitehorsetc.com <mailto:ebr...@whitehorsetc.com>>
        wrote:

            cat /var/log/clamd/clamd.log|grep -C 1  FOUND
            SelfCheck: Database status OK.
            
/var/qmail/simscan/1589924289.476570.15597/msg.1589924289.476570.15597:
            Heuristics.Phishing.Email.SpoofedDomain FOUND
            SelfCheck: Database status OK.

            On 6/9/2021 4:18 AM, ChandranManikandan wrote:
            Hi Tony,

            I am using Centos 7 64 bit, Is that thunderbird email
            client or do i need to update any patch in my OS.


            On Tue, Jun 8, 2021 at 6:46 PM Tony White <
            t...@ycs.com.au <mailto:t...@ycs.com.au>> wrote:

                https://www.cvedetails.com/cve/CVE-2010-1205/
                <https://www.cvedetails.com/cve/CVE-2010-1205/>

                regards
                Tony White
                On 8/6/21 8:06 pm, ChandranManikandan wrote:

                Hi Folks,

                Our users are getting the message below while they are trying 
to send an
                email from Windows 10 with the Thunderbird email client.

                "An error occurred while sending mail. The mail server 
responded: your
                email was rejected because it contains the 
Heuristics.PNG.CVE-2010-1205
                virus. Please check the message and try again "

                It's generated from the server or email client issue.
                I Appreciate your support.




            -- 
            */Regards,
            Manikandan.C
            /*



        -- 
        */Regards,
        Manikandan.C
        /*



--
*/Regards,
Manikandan.C
/*