[Mimedefang] Slipping MyWife.d at MM virus by McAfee
Mathew Thomas
mathew.thomas at rmit.edu.au
Fri Jan 27 00:46:38 EST 2006
>>> mathew.thomas at rmit.edu.au 25/01/06 15:05 >>>
Hi,
mail gateways running Solaris 9 with Sendmail 8-13.1 +Mimedefang 2.44
+
SpamAssassin 2.64 with Uvscan & ClamAv
Some of our staff received W32/MyWife.d at MM virus which were sent to
them as forwarded mail as Attachment. This means some MIME encoded virus
are slipping through. I did some test by forwarding virus infected mail
via gateway and it is getting through.
In mimedefang.pl, I added "--mime" flag for uvscan.
# Run uvscan
my($code, $category, $action) =
run_virus_scanner($Features{'Virus:NAI'} . " --noboot --secure
--allole ./Work 2>&1", "Found");
Changed file:
# Run uvscan
my($code, $category, $action) =
run_virus_scanner($Features{'Virus:NAI'} . " --noboot --secure
--mime --allole ./Work 2>&1", "Found");
After changing the gateway is detecting the virus which was not
detecting before. Is it safe to change it permanently? Couple of years
ago( during the Sobig virus) , I remember, the above is going permanent
feature.
Mathew
More information about the MIMEDefang
mailing list