First, you should be actively monitoring
the HOLD2 directory. There are some scripts on the Declude Tools sight that can
be used for this.
Second, you do not need to cycle the
SMTP service. However, you will have to rename the HOLD2 files if you want to release
them and then manually
John,
Been there..doing that. My concern is that Customer
#2's email will be incorrectly blocked due to DECCON's "memory". I felt it would
be safer to stop the SMTP service before killing the deccon
instance.
-M---"Problems are only opportunities in work
clothes." -- Henry J. Kaiser
I've never seen this before, but beginning on Saturday morning, I
started getting appearances of "Application Error" in my Event Log
about McAfee:
Faulting application Scan.exe, version 4.3.2.0, faulting
module mcscan32.dll, version 4.3.2.0, fault address 0x0001cfd0.
Then this morning the
Although I cannot explain the cause of the issues you've seen, I would
suggest that you upgrade your scan engine:
http://www.mcafeesecurity.com/us/downloads/default.asp?wt.mc_n=us_updateswt.mc_t=ext_li_concid=10373.
Download and run the SuperDat, file which contains the latest dat and engine
FWIW, I recently ran into a weirdness with McAfee; I use the daily dat
download (engine plus dats), and have so for some months. What I do is
for reporting completeness, I do a nightly scan of my spam folder to
find out how many viruses were caught as spam.
January didn't work, and I didn't
Andrew,
When you say "reading the root of the drive" do you mean the boot
sector, or the files contained in the root of C: or the drive that was
defined in the command line? And also just to clarify, "reading" in
this case meaning "scanning", correct?
Seems like being able to turn that off,
Title: Message
I
don't mean scanning the files in the root repetitively. In
particular, FileMon was showing me that scan.exe was READing D:\ (as opposed to
OPEN, CLOSE, QUERY INFORMATION, or SET INFORMATION - all of which are other
request types that FileMon can log).
Actually, it might
Title: Message
I
should have also mentioned that the script first makes a list of the files to
scan, then tells scan.exe to scan the files in the list.
I
don't just tell scan.exe to scan the folder (if I had, I could buy the behaviour
of reading the directory over and over again).
Andrew
Title: Message
Sounds like it's worth a test and some monitoring just to see if there
is a measurable difference in mail scanning activities.
Thanks for sharing.
Matt
Colbeck, Andrew wrote:
I should have also mentioned that the script
first makes a list of the files to scan,