We are having a problem using qmail-scanner with vpopmail. It appears that when vpopmail is configured for roaming users (i.e. pop before smptd) the IP addresses of users that pop in get listed in tcp.smtp.cbd and are then bypassed by the qmail-scanner.
A look at the 'open-smtp' file which is used along with tcp.smtp to build tcp.smtp.cdb shows entries like:
188.8.131.52:allow,RELAYCLIENT="",RBLSMTPD="" 1075391824 184.108.40.206:allow,RELAYCLIENT="",RBLSMTPD="" 1075391878 220.127.116.11:allow,RELAYCLIENT="",RBLSMTPD="" 1075391923
Then, it seems, for the period of time these entries stay in the database email that comes from these IP addresses bypasses the qmail-scanner virus filter.
Is there a way to correct this problem? It is letting viruses through our mailserver.