[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Mailscanner not getting viruses all the time
- Subject: RE: [cobalt-users] Mailscanner not getting viruses all the time
- From: "Phil Beynon" <phil@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed Feb 11 09:55:32 2004
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> Hi
>
> I have a setup like this:
>
>
> internet
> |
> |
> v
> primary MX
> [RaQ3 running Mailscanner/clamav/spamassassin]
> |
> |
> v
> secondary MX
> [another RaQ3]
>
>
> Today one of the users told me that he gets alot of (what I think) is
> MyDoom/worm.SCO even though hes mails are handled by this scanning
> chain.
>
> I can see from the log that ALOT of worm.SCO's hitting the mailboxes
> handled this way, so I cant figure out how the virus mails gets past
> this setup?
>
> Has anyone experienced the same og maybe knows what could be wrong?
>
Sounds like your virus definitions are not quite up to date.
When Mydoom first appeared we were destroying a percentage due to normal
rules that mailscanner applies,
i.e. along the lines of things like double file extensions, .pif .scr
attachments but the .zip ones were mainly getting past it, once the
definitions were up to date it killed 100% of them.
Phil
** http://www.diygear.com THE Online DIY Toolstore For DIY & Business
** Infolink Electronic Systems Ltd. http://www.infolinkelectronics.co.uk
** Professional Web Design & Cobalt Hosting Solutions
** Sun Cobalt iForce Reseller - Canon Silver Reseller
** Contact: Sales@xxxxxxxxxxxxxxxxxxxxxxxxx
** Tel / Fax 0121 458 4894 (office) 0121 441 3558 (home)