efa-project.org

Posted: **08 Dec 2015 14:08**

Hello,

i have a little Problem:

Dec 8 14:24:52 MAILGATE MailScanner[2447]: New Batch: Scanning 1 messages, 37221 bytes
Dec 8 14:24:52 MAILGATE MailScanner[2447]: Virus and Content Scanning: Starting
Dec 8 14:24:53 MAILGATE MailScanner[2447]: Clamd::INFECTED::Sanesecurity.Malware.25109.GenDocHeur.UNOFFICIAL :: ./6DB9560F25.A646D/
Dec 8 14:24:53 MAILGATE MailScanner[2447]: Found spam-virus Sanesecurity.Malware.25109.GenDocHeur.UNOFFICIAL in 6DB9560F25.A646D
Dec 8 14:24:53 MAILGATE MailScanner[2447]: Clamd::INFECTED:: Sanesecurity.Malware.25109.GenDocHeur.UNOFFICIAL :: ./6DB9560F25.A646D/invoice36839978.do
c
Dec 8 14:24:53 MAILGATE MailScanner[2447]: Found spam-virus Sanesecurity.Malware.25109.GenDocHeur.UNOFFICIAL in 6DB9560F25.A646D
Dec 8 14:24:58 MAILGATE MailScanner[2447]: Spam Checks: Starting

this mail was delivered to the user.
How can i fix this?

Greetings from Germany

Jörg

Posted: **08 Dec 2015 23:00**

Check out this post

Code: Select all

# This defines which virus reports from your virus scanners are really the
# names of "spam-viruses" as described in the "Spam-Virus Header" section
# above. This is a space-separated list of strings which can contain "*"
# wildcards to mean "any string of characters", and which will match the
# whole name of the virus reported by your virus scanner. So for example
# "HTML/*" will match all virus names which start with the string "HTML/".
# The supplied example is suitable for F-Prot6 and the SaneSecurity
# databases for ClamAV. The test is case-sensitive.
# This cannot be a ruleset, it must be a simple value as described.
Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/* *Phish*

viewtopic.php?f=5&t=1337&p=4863

Posted: **09 Dec 2015 09:13**

Thx,

i change the line to:

Code: Select all

Virus Names Which Are Spam = HTML/*

to save cpu cycles.

efa-project.org

[Solved] Infected mail

[Solved] Infected mail

Re: Infected mail

Re: Infected mail