Re: [Exim] Exiscan and uvscan from NAI

Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
MDanny.Carroll, mensaje del <-
MSven Geggus, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Rene Küttner
Fecha:  
A: Danny.Carroll
Cc: exim-users
Asunto: Re: [Exim] Exiscan and uvscan from NAI
--
On Thu, Jan 23, 2003 at 04:52:14PM +0100, Danny.Carroll@??? wrote:
> Thanks everyone...
>
> Got it to work now.. Looks like I had one too many spaces in the regexp.
>
> >
> > exiscan_av_scanner_regexp_description = Found[: ]
> > exiscan_av_scanner_regexp_trigger = Found[: ]{1,2}(.*)[\.\!]
> >
>
> Rene, are you saying that:
>
> exiscan_av_scanner_regexp_trigger = Found: (.*)
>
> Will also fail? Have you got examples of the different uvscan messages?

example1: 

/root/antivirustest/subseven.zip/SUBSEVEN.EXE
        Found the BackDoor-Sub7.cli trojan !!!


"Found: (.*)" <- did'nt match

example2: 

/root/antivirustest/eicar.com
        Found: EICAR test file NOT a virus.


example3: 

/root/antivirustest/Bugbear.exe
        Found the W32/Bugbear@MM virus !!!


maybe, it is a special message for the test signature.
sorry but i replyd the wrong email ;-)

i mean:
Godfrey's configuration only matches eicar test signature!!
i think he should know that

anyway "it worked like a bomb" ;-)

regards

> -----------------------------------------------------------------
> ATTENTION:
> The information in this electronic mail message is private and
> confidential, and only intended for the addressee. Should you
> receive this message by mistake, you are hereby notified that
> any disclosure, reproduction, distribution or use of this
> message is strictly prohibited. Please inform the sender by
> reply transmission and delete the message without copying or
> opening it.
>
> Messages and attachments are scanned for all viruses known.
> If this message contains password-protected attachments, the
> files have NOT been scanned for viruses by the ING mail domain.
> Always scan attachments before opening them.
> -----------------------------------------------------------------
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>

-- 

René Küttner                     NetKom GmbH, Administration
rkuettner@???      Gewerbepark Mockritz, 04720 Döbeln


PGP Fingerprint: 548C C10B C40E 3AE4 B030 61B9 35F3 B801 8DF6 41AD
PGP Public-Key: http://in-doebeln.de/~rene/pubkey.asc

--
[ Content of type application/pgp-signature deleted ]
--


Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-Re: [Exim] Web based mailRe: [Exim] BSMTP To: header rewritten, normal incoming mail does not->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)