efa-project.org

Hi guys.
ON EFA 3.1.1.5 version.
Investigating an issue where attachment (ZIP) with virus goes thru mail scanner and gets delivered to users mailbox.
How to solve it?

Nov 23 00:44:40 efa MailScanner[23062]: New Batch: Scanning 1 messages, 24868 bytes
Nov 23 00:44:40 efa MailScanner[23062]: Virus and Content Scanning: Starting
Nov 23 00:44:40 efa MailScanner[23062]: Clamd::INFECTED:: Sanesecurity.Foxhole.Zip_jsnum225n.UNOFFICIAL :: ./C8FC4120C1C.A8000/MESSAGE_3121698113402.zip
Nov 23 00:44:40 efa MailScanner[23062]: Found spam based virus Sanesecurity.Foxhole.Zip_jsnum225n.UNOFFICIAL in C8FC4120C1C.A8000
Nov 23 00:44:40 efa MailScanner[23062]: Spam Checks: Starting
Nov 23 00:44:42 efa MailScanner[23062]: Requeue: C8FC4120C1C.A8000 to D60EE1215B5
Nov 23 00:44:42 efa MailScanner[23062]: Uninfected: Delivered 1 messages
Nov 23 00:44:42 efa postfix/qmgr[38282]: D60EE1215B5: from=<sender@domain.com>, size=24212, nrcpt=1 (queue active)
Nov 23 00:44:42 efa MailScanner[23062]: Deleted 1 messages from processing-database
Nov 23 00:44:42 efa MailScanner[23062]: Logging message C8FC4120C1C.A8000 to SQL
Nov 23 00:44:42 efa MailScanner[23065]: C8FC4120C1C.A8000: Logged to MailWatch SQL
Nov 23 00:44:42 efa postfix/smtp[31994]: D60EE1215B5: to=<recipient@domain.com>, relay=192.168.3.202[192.168.3.202]:25, delay=7.7, delays=7.5/0/0.06/0.19, dsn=2.6.0, status=sent (250 2.6.0 <770819.380504207-sendEmail@einstein> [InternalId=41051297415247, Hostname=ExchangePRIMARY.bt-store.com] Queued mail for delivery)

What's your relevant zip scanning settings in /etc/MailScanner/MailScanner.conf?

Hi.
Thanks for the reply.
I have uploaded conf file on GOOGLE drive.
Link: https://drive.google.com/open?id=0B_Cst ... HpYdnVCaTA

Change this to 3

Thanks for the hint. I don't remember that changing from default settings...

Hiiii,

Guys,i also do not know how to do command line stuff so please if you could help me do whatever i need to do via the GUI i would appreciate it.