[Exim] NOD32 antivirus and malware (unknown)

Author: psd
Date:  
To: exim-users
Subject: [Exim] NOD32 antivirus and malware (unknown)
Hello,

I configured my Exim 4.24 with:
av_scanner = cmdline:/usr/local/nod32/nod32 -heursafe
-basedir=/usr/local/nod32 -all -log+ -logappend
-log=/tmp/nod32.log %s: - : - (.*)$

(all on one line...)

Test-mail /with/ viruses never get through; the correct name of the virus
is shown in the reject message ("This message contains malware (Eicar test
file)")...

Messages without a virus sometimes get through (a plain message sent with
mutt for example) but sometimes they don't - e.g. when using a
simple telnet connection with almost no DATA (no headers) (or some other
bulk mail I got (with attachments)). The reject message is "This message
contains malware (unknown)": but there is really no reason for it.
I did a 'grep " - " /tmp/nod32.log' and this message was not listed at
all! (No virus was found...)

Is there something else that can cause this error? (With "unknown" as virus
name, so I assume the regex didn't match at all...)

Regards,
Paul