Sophos and the flag Dangerous?
Posted: 13 Feb 2017 12:19
I used the instructions to install from another poster
viewtopic.php?f=14&t=1329&p=7288&hilit=sophos#p7288
I have noticed since installing SOPHOS has detected a number of ransomware viruses based on the double extension. All good, however on the MailWatch screen it shows the Dangerous Flag as "N"
My question is should this not be flagged has Dangerous and not be able to be released by the web frontend either by Admin or User? Others are flagged as Dangerous and not be accidentially released.
Details under "Anti-Virus/Dangerous Content Protection"
The system as flagged Virus Y and Blocked File Y
Report says:-
MailScanner: JScript Scripts are dangerous in email (67Information-00000137840.doc.js) ,Sophos: >>> Virus 'Mal/DrodZp-A' found in file ./6B3B410236F.AD842/66Information-00000137840.doc.zip MailScanner: JScript Scripts are dangerous in email (67Information-00000137840.doc.js) ,Sophos: >>> Virus 'Mal/DrodZp-A' found in file ./6B3B410236F.AD842/Information-00000137840.zip/Information-00000137840.doc.zip
Under Quarantine it says :-
Release Delete SA Learn File Type Path Dangerous?
67Information-00000137840.doc.js text/plain; charset=us-ascii 20170213/6B3B410236F.AD842/67Information-00000137840.doc.js N
66Information-00000137840.doc.zip application/zip; charset=binary 20170213/6B3B410236F.AD842/66Information-00000137840.doc.zip N
Information-00000137840.zip application/zip; charset=binary 20170213/6B3B410236F.AD842/Information-00000137840.zip N
message text/x-mail; charset=us-ascii 20170213/6B3B410236F.AD842/message N
viewtopic.php?f=14&t=1329&p=7288&hilit=sophos#p7288
I have noticed since installing SOPHOS has detected a number of ransomware viruses based on the double extension. All good, however on the MailWatch screen it shows the Dangerous Flag as "N"
My question is should this not be flagged has Dangerous and not be able to be released by the web frontend either by Admin or User? Others are flagged as Dangerous and not be accidentially released.
Details under "Anti-Virus/Dangerous Content Protection"
The system as flagged Virus Y and Blocked File Y
Report says:-
MailScanner: JScript Scripts are dangerous in email (67Information-00000137840.doc.js) ,Sophos: >>> Virus 'Mal/DrodZp-A' found in file ./6B3B410236F.AD842/66Information-00000137840.doc.zip MailScanner: JScript Scripts are dangerous in email (67Information-00000137840.doc.js) ,Sophos: >>> Virus 'Mal/DrodZp-A' found in file ./6B3B410236F.AD842/Information-00000137840.zip/Information-00000137840.doc.zip
Under Quarantine it says :-
Release Delete SA Learn File Type Path Dangerous?
67Information-00000137840.doc.js text/plain; charset=us-ascii 20170213/6B3B410236F.AD842/67Information-00000137840.doc.js N
66Information-00000137840.doc.zip application/zip; charset=binary 20170213/6B3B410236F.AD842/66Information-00000137840.doc.zip N
Information-00000137840.zip application/zip; charset=binary 20170213/6B3B410236F.AD842/Information-00000137840.zip N
message text/x-mail; charset=us-ascii 20170213/6B3B410236F.AD842/message N
