Jerry Benton | 29 Mar 13:28 2015

v4.85.2-1 Released

Ok, I made some minor updates based on feedback from testers. The new packages are now available on the
MailScanner website. Jules and I are in the process of transferring mailscanner.info domain to my
registrar. Once that is completed and I finish up the latest Mailborder development project I am working
on I will create a new website for MailScanner and a new mailman server that should remove these big delays
we have been seeing.

Thanks to everyone that tested the packages and pointed out areas of improvement. 

Package Downloads:

http://www.mailscanner.info/downloads.html

Complete Source:

https://github.com/MailScanner/v4

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 

(Continue reading)

Heino Backhaus | 27 Mar 16:10 2015
Picon

Filename wrongly triggers CLSID-Rule in Filename.rules.conf


Hello All,

I've enjoyed using mailscanner for many years now. Thanks to all.
I would realy appreciate your help with a problem i was running across.

An attached bitmap (a companys logo) triggeres wrongly the CLSID 
Filename rule.

The MailWatch report says:
Report:    MailScanner: Files containing CLSID's are trying to hide 
their real type (CLIP-%7B8EC58011.bmp)

The corresponding rule from filename.rules.conf is stated below:

# Deny filenames containing CLSID's
deny    \{[a-hA-H0-9-]{25,}\}   Filename trying to hide its real type 
                       Files containing  CLSID's are trying to hide 
their real type

The first question is. Does Mailscanner rename a file with a CLSID in 
the filename to something like this: CLIP-%7B8EC58011.bmp ?

A strange thing is that this file downloaded from Mailwatch and attached 
to a new (html) mail will pass the Mailscanner.
So i think it's renamed...
But when you try to release the mail from quarantine it triggers
the CLSID-Rule again ... I'm a little confused about this and need help.

My Softwareversions are:
(Continue reading)

Heino Backhaus | 27 Mar 15:03 2015
Picon

Does Mailscanner Rename

Hello All,

I enjoy using mailscanner for many years now. Thanks to all.
I would realy appreciate your help with a problem i was running across.

The first question is. Does Mailscanner rename a file with a CLSID in 
the filename to something like this: CLIP-%7B8EC58011.bmp ?

Now to my problem:
An attached bitmap (a companys logo) triggeres the CLSID Filename rule.

The MailWatch report says:
Report:	MailScanner: Files containing CLSID's are trying to hide their 
real type (CLIP-%7B8EC58011.bmp)

The corresponding rule from filename.rules.conf is stated below:

# Deny filenames containing CLSID's
deny    \{[a-hA-H0-9-]{25,}\}   Filename trying to hide its real type 
                         Files containing  CLSID's are trying to hide 
their real type

A strange thing is that this file downloaded from Mailwatch and attached 
to a new (html) mail will pass the Mailscanner.
So i think it's renamed and may not be the original name...
But when you try to release the mail from quarantine it triggers
the CLSID-Rule again ... I'm a little confused about this and need help.
Thanks in advance.

My Softwareversions are:
(Continue reading)

Mohammed Ejaz | 22 Mar 16:19 2015
Picon

Qurantine.

 

Hello All.

 

Sometimes, Very strangely I noticed that  My normal test Emails are being quarantined from the MailScanner.  any help would be highly appreciated.

 

I am enclosing the my MailScanner configuration file  FYR.

 

 

 

Below are my logs and I can see the my test message in the quarantine spam folder

grep -i ejazrom <at> hotmail.com /var/log/maillog

Mar 22 16:25:36 mailgate5 postfix/cleanup[4839]: E3A01A504E5: hold: header Received: from COL004-OMC3S5.hotmail.com (col004-omc3s5.hotmail.com [65.55.34.143])??by mailgate5.cyberia.net.sa (Postfix) with ESMTP id E3A01A504E5;??Sun, 22 Mar 2015 16:25:35 +0300 (AST) from col004-omc3s5.hotmail.com[65.55.34.143]; from=<ejazrom <at> hotmail.com> to=<mwt79 <at> cyberia.net.sa> proto=ESMTP helo=<COL004-OMC3S5.hotmail.com>

Mar 22 16:25:45 mailgate5 MailScanner[31920]: Message E3A01A504E5.AA0BD from 65.55.34.143 (ejazrom <at> hotmail.com) to cyberia.net.sa is spam, SpamAssassin (not cached, score=5.453, required 5, BAYES_00 -1.90, DNS_FROM_AHBL_RHSBL 2.70, FREEMAIL_FROM 0.00, HTML_MESSAGE 0.00, KAM_FROM_URIBL_PCCC 5.00, RCVD_IN_DNSWL_NONE -0.00, RP_MATCHES_RCVD -0.35, SPF_PASS -0.00)

 

 

Regards

Ejaz


%etc-dir% = /etc/MailScanner

%report-dir% = /etc/MailScanner/reports/en

%rules-dir% = /etc/MailScanner/rules

%mcp-dir% = /etc/MailScanner/mcp

Max Children = 5

Run As User = postfix

Run As Group = postfix

Queue Scan Interval = 6

Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming

Incoming Work Dir = /var/spool/MailScanner/incoming

Quarantine Dir = /var/spool/MailScanner/quarantine

PID file = /var/run/MailScanner.pid

Restart Every = 7200

MTA = postfix

Sendmail = /usr/sbin/sendmail

Sendmail2 = /usr/sbin/sendmail

Incoming Work User = postfix
Incoming Work Group = clamav

Incoming Work Permissions = 0600

Quarantine User = root
Quarantine Group = apache

Quarantine Permissions = 0600

Max Unscanned Bytes Per Scan = 100m
Max Unsafe Bytes Per Scan = 50m
Max Unscanned Messages Per Scan = 30
Max Unsafe Messages Per Scan = 30

Max Normal Queue Size = 800

Scan Messages = yes

Reject Message = no

Maximum Processing Attempts = 6

Processing Attempts Database = /var/spool/MailScanner/incoming/Processing.db

Maximum Attachments Per Message = 200

Expand TNEF = yes

Use TNEF Contents = replace

Deliver Unparsable TNEF = yes

TNEF Expander = /usr/bin/tnef --maxsize=1000000000

TNEF Timeout = 240

File Command = /usr/bin/file

File Timeout = 20

Gunzip Command = /bin/gunzip

Gunzip Timeout = 50

Unrar Command = /usr/bin/unrar

Unrar Timeout = 50

Find UU-Encoded Files = no

Maximum Message Size = %rules-dir%/max.message.size.rules

Maximum Attachment Size = -1

Minimum Attachment Size = -1

Maximum Archive Depth = 8

Find Archives By Content = yes

Unpack Microsoft Documents = yes

Zip Attachments = no

Attachments Zip Filename = MessageAttachments.zip

Attachments Min Total Size To Zip = 100k

Attachment Extensions Not To Zip = .zip .rar .gz .tgz .jpg .jpeg .mpg .mpe .mpeg .mp3 .rpm .htm .html .eml

Add Text Of Doc = no

Antiword = /usr/bin/antiword -f

Antiword Timeout = 50

Unzip Maximum Files Per Archive = 0

Unzip Maximum File Size = 50k

Unzip Filenames = *.txt *.ini *.log *.csv

Unzip MimeType = text/plain

Virus Scanning = yes

Virus Scanners = clamd

Virus Scanner Timeout = 300

Deliver Disinfected Files = no

Silent Viruses = HTML-IFrame All-Viruses

Still Deliver Silent Viruses = no

Non-Forging Viruses = Joke/ OF97/ WM97/ W97M/ eicar

Spam-Virus Header = X-%org-name%-MailScanner-SpamVirus-Report:

Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/* *Phish*

Block Encrypted Messages = no

Block Unencrypted Messages = no

Allow Password-Protected Archives = no

Check Filenames In Password-Protected Archives = yes

Allowed Sophos Error Messages =

Sophos IDE Dir = /opt/sophos-av/lib/sav

Sophos Lib Dir = /opt/sophos-av/lib

Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide

Monitors for ClamAV Updates = /usr/local/share/clamav/*.cld /usr/local/share/clamav/*.cvd

ClamAVmodule Maximum Recursion Level = 8
ClamAVmodule Maximum Files = 1000
ClamAVmodule Maximum File Size = 10000000 # (10 Mbytes)
ClamAVmodule Maximum Compression Ratio = 250

Clamd Port = 3310
Clamd Socket = /tmp/clamd.socket
Clamd Lock File = # /var/lock/subsys/clamd
Clamd Use Threads = no

ClamAV Full Message Scan = yes

Fpscand Port = 10200

Dangerous Content Scanning = no

Allow Partial Messages = no

Allow External Message Bodies = no

Find Phishing Fraud = yes

Also Find Numeric Phishing = yes

Use Stricter Phishing Net = yes

Highlight Phishing Fraud = yes

Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf

Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf

Country Sub-Domains List = %etc-dir%/country.domains.conf

Allow IFrame Tags = disarm

Allow Form Tags = disarm

Allow Script Tags = disarm

Allow WebBugs = disarm

Ignored Web Bug Filenames = spacer pixel.gif pixel.png gap shim

Known Web Bug Servers = msgtag.com

Web Bug Replacement = http://cdn.mailscanner.info/1x1spacer.gif

Allow Object Codebase Tags = disarm

Convert Dangerous HTML To Text = no

Convert HTML To Text = no

Archives Are = zip rar ole

Allow Filenames =

Deny Filenames =

Filename Rules = %etc-dir%/filename.rules.conf

Allow Filetypes =

Allow File MIME Types =

Deny Filetypes =

Deny File MIME Types =

Filetype Rules = %etc-dir%/filetype.rules.conf

Archives: Allow Filenames =
Archives: Deny Filenames =
Archives: Filename Rules = %etc-dir%/archives.filename.rules.conf
Archives: Allow Filetypes =
Archives: Allow File MIME Types =
Archives: Deny Filetypes =
Archives: Deny File MIME Types =
Archives: Filetype Rules = %etc-dir%/archives.filetype.rules.conf

Default Rename Pattern = __FILENAME__.disarmed

Quarantine Infections = yes

Quarantine Silent Viruses = no

Quarantine Modified Body = no

Quarantine Whole Message = yes

Quarantine Whole Messages As Queue Files = no

Keep Spam And MCP Archive Clean = no

Language Strings = %report-dir%/languages.conf

Rejection Report = %report-dir%/rejection.report.txt

Deleted Bad Content Message Report  = %report-dir%/deleted.content.message.txt
Deleted Bad Filename Message Report = %report-dir%/deleted.filename.message.txt
Deleted Virus Message Report        = %report-dir%/deleted.virus.message.txt
Deleted Size Message Report        = %report-dir%/deleted.size.message.txt

Stored Bad Content Message Report  = %report-dir%/stored.content.message.txt
Stored Bad Filename Message Report = %report-dir%/stored.filename.message.txt
Stored Virus Message Report        = %report-dir%/stored.virus.message.txt
Stored Size Message Report        = %report-dir%/stored.size.message.txt

Disinfected Report = %report-dir%/disinfected.report.txt

Inline HTML Signature = %report-dir%/inline.sig.html
Inline Text Signature = %report-dir%/inline.sig.txt

Signature Image Filename = %report-dir%/sig.jpg
Signature Image <img> Filename = signature.jpg

Inline HTML Warning = %report-dir%/inline.warning.html
Inline Text Warning = %report-dir%/inline.warning.txt

Sender Content Report        = %report-dir%/sender.content.report.txt
Sender Error Report        = %report-dir%/sender.error.report.txt
Sender Bad Filename Report = %report-dir%/sender.filename.report.txt
Sender Virus Report        = %report-dir%/sender.virus.report.txt
Sender Size Report         = %report-dir%/sender.size.report.txt

Hide Incoming Work Dir = yes

Include Scanner Name In Reports = yes

Mail Header = X-%org-name%-MailScanner:

Spam Header = X-%org-name%-MailScanner-SpamCheck:

Spam Score Header = X-%org-name%-MailScanner-SpamScore:

Information Header = X-%org-name%-MailScanner-Information:

Add Envelope From Header = yes

Add Envelope To Header = no

Envelope From Header = X-%org-name%-MailScanner-From:

Envelope To Header = X-%org-name%-MailScanner-To:

ID Header = X-%org-name%-MailScanner-ID:

IP Protocol Version Header = # X-%org-name%-MailScanner-IP-Protocol:

Spam Score Character = s

SpamScore Number Instead Of Stars = no

Minimum Stars If On Spam List = 0

Clean Header Value       = Found to be clean
Infected Header Value    = Found to be infected
Disinfected Header Value = Disinfected

Information Header Value = Please contact the ISP for more information

Detailed Spam Report = yes

Include Scores In SpamAssassin Report = yes

Always Include SpamAssassin Report = no

Multiple Headers = append

Place New Headers At Top Of Message = no

Hostname = the %org-name% ($HOSTNAME) MailScanner

Sign Messages Already Processed = no

Sign Clean Messages = yes

Attach Image To Signature = no

Attach Image To HTML Message Only = yes

Allow Multiple HTML Signatures = no

Dont Sign HTML If Headers Exist = # In-Reply-To: References:

Mark Infected Messages = yes

Mark Unscanned Messages = yes

Unscanned Header Value = Not scanned: please contact your Internet E-Mail Service Provider for details

Remove These Headers = X-Mozilla-Status: X-Mozilla-Status2:

Deliver Cleaned Messages = yes

Notify Senders = yes

Notify Senders Of Viruses = no

Notify Senders Of Blocked Filenames Or Filetypes = yes

Notify Senders Of Blocked Size Attachments = no

Notify Senders Of Other Blocked Content = yes

Never Notify Senders Of Precedence = list bulk

Scanned Modify Subject = no # end

Filename Modify Subject = start

Filename Subject Text = {Filename?}

Content Subject Text = {Dangerous Content?}

Size Subject Text = {Size}

Disarmed Modify Subject = no

Phishing Modify Subject = no

Phishing Subject Text = {Fraud?}

Spam Subject Text = {Spam?}

High Scoring Spam Subject Text = {Spam?}

Warning Is Attachment = yes

Attachment Warning Filename = %org-name%-Attachment-Warning.txt

Attachment Encoding Charset = ISO-8859-1

Archive Mail =

Missing Mail Archive Is = directory

Send Notices = yes

Notices Include Full Headers = yes

Hide Incoming Work Dir in Notices = no

Notice Signature = -- \nMailScanner\nEmail Virus Scanner\nwww.mailscanner.info

Notices From = MailScanner

Notices To = postmaster

Local Postmaster = postmaster

Spam List Definitions = %etc-dir%/spam.lists.conf

Virus Scanner Definitions = %etc-dir%/virus.scanners.conf

Spam Checks = yes

Spam List = # spamhaus-ZEN # You can un-comment this to enable them

Spam Domain List =

Spam Lists To Be Spam = 1

Spam Lists To Reach High Score = 3

Spam List Timeout = 10

Max Spam List Timeouts = 7

Spam List Timeouts History = 10

Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules

Is Definitely Spam = no

Definite Spam Is High Scoring = no

Ignore Spam Whitelist If Recipients Exceed = 20

Max Spam Check Size = 200k

Use Watermarking = no

Add Watermark = yes

Check Watermarks With No Sender = yes

Treat Invalid Watermarks With No Sender as Spam = nothing

Check Watermarks To Skip Spam Checks = yes

Watermark Secret = %org-name%-Secret

Watermark Lifetime = 604800

Watermark Header = X-%org-name%-MailScanner-Watermark:

Use SpamAssassin = yes

Max SpamAssassin Size = 200k

Required SpamAssassin Score = 5

High SpamAssassin Score = 8

SpamAssassin Auto Whitelist = yes

SpamAssassin Timeout = 75

Max SpamAssassin Timeouts = 10

SpamAssassin Timeouts History = 30

Check SpamAssassin If On Spam List = yes

Include Binary Attachments In SpamAssassin = no

Spam Score = yes

Cache SpamAssassin Results = yes

SpamAssassin Cache Database File = /var/spool/MailScanner/incoming/SpamAssassin.cache.db

Rebuild Bayes Every = 0

Wait During Bayes Rebuild = no

Use Custom Spam Scanner = no

Max Custom Spam Scanner Size = 20k

Custom Spam Scanner Timeout = 20

Max Custom Spam Scanner Timeouts = 10

Custom Spam Scanner Timeout History = 20

Spam Actions = store

High Scoring Spam Actions = store

Non Spam Actions = deliver header "X-Spam-Status: No"

SpamAssassin Rule Actions =

Sender Spam Report         = %report-dir%/sender.spam.report.txt
Sender Spam List Report    = %report-dir%/sender.spam.rbl.report.txt
Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt

Inline Spam Warning = %report-dir%/inline.spam.warning.txt

Recipient Spam Report = %report-dir%/recipient.spam.report.txt

Enable Spam Bounce = %rules-dir%/bounce.rules

Bounce Spam As Attachment = no

Syslog Facility = mail

Log Speed = no

Log Spam = yes

Log Non Spam = no

Log Delivery And Non-Delivery = no

Log Permitted Filenames = no

Log Permitted Filetypes = no

Log Permitted File MIME Types = no

Log Silent Viruses = no

Log Dangerous HTML Tags = no

Log SpamAssassin Rule Actions = yes

SpamAssassin Temporary Dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

SpamAssassin Install Prefix =

SpamAssassin Site Rules Dir = /etc/mail/spamassassin

SpamAssassin Local Rules Dir =

SpamAssassin Local State Dir = # /var/lib/spamassassin

SpamAssassin Default Rules Dir =

DB DSN =

DB Username =

DB Password =

SQL Serial Number =

SQL Quick Peek =

SQL Config =

SQL Ruleset =

SQL SpamAssassin Config =

SQL Debug = no

MCP Checks = no

First Check = spam

MCP Required SpamAssassin Score = 1
MCP High SpamAssassin Score = 10
MCP Error Score = 1

MCP Header = X-%org-name%-MailScanner-MCPCheck:
Non MCP Actions = deliver
MCP Actions = deliver
High Scoring MCP Actions = deliver
Bounce MCP As Attachment = no

MCP Modify Subject = start
MCP Subject Text = {MCP?}
High Scoring MCP Modify Subject = start
High Scoring MCP Subject Text = {MCP?}

Is Definitely MCP = no
Is Definitely Not MCP = no
Definite MCP Is High Scoring = no
Always Include MCP Report = no
Detailed MCP Report = yes
Include Scores In MCP Report = no
Log MCP = no

MCP Max SpamAssassin Timeouts = 20
MCP Max SpamAssassin Size = 100k
MCP SpamAssassin Timeout = 10

MCP SpamAssassin Prefs File = %mcp-dir%/mcp.spam.assassin.prefs.conf
MCP SpamAssassin User State Dir =
MCP SpamAssassin Local Rules Dir = %mcp-dir%
MCP SpamAssassin Default Rules Dir = %mcp-dir%
MCP SpamAssassin Install Prefix = %mcp-dir%
Recipient MCP Report = %report-dir%/recipient.mcp.report.txt
Sender MCP Report = %report-dir%/sender.mcp.report.txt

Use Default Rules With Multiple Recipients = no

Read IP Address From Received Header = no

Spam Score Number Format = %d

MailScanner Version Number = 4.84.6

SpamAssassin Cache Timings = 1800,300,10800,172800,600

Debug = no

Debug SpamAssassin = no

Run In Foreground = no

Always Looked Up Last = &MailWatchLogging

Always Looked Up Last After Batch = no

Deliver In Background = yes

Delivery Method = batch

Split Exim Spool = no

Lockfile Dir = /var/spool/MailScanner/incoming/Locks

Custom Functions Dir = /usr/lib/MailScanner/MailScanner/CustomFunctions

Lock Type = 

Syslog Socket Type =

Automatic Syntax Check = yes

Minimum Code Status = supported

include /etc/MailScanner/conf.d/*

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 
Chris Chapman | 19 Mar 18:26 2015

MailScanner and SA Bayes

I guess that might be more of a SA question but, maybe somebody knows the answer: Does the option 'Rebuild
Bayes Every xxx’ nullify any SA-Learn actions?  Meaning if I train a message as spam, will SA forget this
after a rebuild?

Sorry I couldn’t find this info on the SA site.  TIA.

Chris Chapman
chapman <at> simplesrv.com

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 
Sylvain Viart | 19 Mar 16:20 2015

who match first Filename Rules or Filetype Rules ?

Hi,

I would like to know which rules will match first?

Where is it handled in the code?

Regards.
Sylvain.

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 

Jim Creason | 18 Mar 18:35 2015
Picon

debian 4.85.2-1 RC


I've installed the .deb on a fresh install and it mostly works just 
fine.  The only things I've noticed were a few typos in the notes inside 
MailScanner.conf and /etc/default/mailscanner, and that the init script 
has a couple issues with the lockfile.  The location by default is 
/var/lock/MailScanner.off but it should be 
/var/lock/MailScanner/mailscanner.off and the touch is still pointed at 
/var/lock/subsys .
All in all, great work Jerry, many thanks.

		--jim

-- 
Jim Creason

Chief Engineer

Shouting Ground Technologies
--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 

Peter Nitschke | 18 Mar 03:38 2015
Picon

CryptoLock

How does anyone deal with all the new cryptolock stuff?

Macros in docx files etc.

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 

Brad Triem | 16 Mar 17:54 2015

Spamassasin Rule Actions SpamScore negative values issue


I was able to resolve the first issue of negative numbers.  See attached patch file for MailScanner-4.84.6-1.  One line regex modification to allow for negative numbers in SpamScore for Spamassassin Rule Actions.

Regards,
Brad


From: "Brad Triem" <brad <at> trinsictech.com>
To: "MailScanner discussion" <mailscanner <at> lists.mailscanner.info>
Sent: Saturday, September 20, 2014 2:25:58 PM
Subject: Spamassasin Rule Actions SpamScore negative values issue
There appears to be a parsing issue when declaring a negative number when using Spamassassin Rule Actions: SpamScore.

Working example:

SpamScore<0=>store-/to/some/directory

Failing example:

SpamScore<-2=>store-/to/some/dirctory

Also, on the same note, I would like to have multiple default FromOrTo: actions of the same type of check, but the below doesn't work.  It only does the last action.

FromOrTo:       default         SpamScore<0=>store-/to/some/directory SpamScore>10=>store-/to/some/other/dirctory

Has anyone found a way around this or perhaps I'm doing something wrong?

Regards,
Brad

Attachment (Message.pm.patch): text/x-patch, 721 bytes
--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 
Mohammed Ejaz | 15 Mar 15:31 2015
Picon

unable-to-release-qurantine-message

 

Hill

 

I am trying to release the quarantine message with the below send mail command, but still it get failed to release and shows the below error. Any help would be highly appreciated.

 

 

Thanks in advance

 

 

 

Below are my settings In MailScanner.conf

Quarantine Whole Messages As Queue Files = no

and in the quarantine directory you have a file called message (this is the complete human-readible message, but without the envelope info). Just do

 

Command

 

cd /path/to/quarantine/dir

sendmail -t -i < message

 

 

Error

 

============================================================================================

his is a message from the MailScanner E-Mail Virus Protection Service

----------------------------------------------------------------------

The original e-mail attachment "EAWEMA150300207, ELSHERIF AHMED.RAMI.doc"

is on the list of unacceptable attachments for this site and has been

replaced by this warning message.

 

If you wish to receive a copy of the original attachment, please

e-mail helpdesk and include the whole of this message

in your request. Alternatively, you can call them, with

the contents of this message to hand when you call.

 

At Sun Mar 15 17:16:24 2015 the virus scanner said:

   MailScanner: Attempt to hide real filename extension (EAWEMA150300207, ELSHERIF AHMED.RAMI.doc)

 

Note to Help Desk: Look on the yoursite (nmersal.cyberia.net.sa) MailScanner in /var/spool/MailScanner/quarantine/20150315 (message 1208F5DFF51.A76CD).

--

Postmaster

Your Organisation Name Here

www.your-organisation.com

 

For all your IT requirements visit: http://www.transtec.co.uk

==================================================================================================================

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 
Jerry Benton | 15 Mar 07:14 2015

v4.85.2-1 Release Candidates

Ok, here are all of the packages. These will be released in one or two weeks after I get some feedback. I built
in an auto save feature for Custom Functions since the directory structures have changed. (Except for the
tarball installer.)

Tarball: https://s3.amazonaws.com/mailscanner/test/MailScanner-install-4.85.2-1.tar.gz

RHEL: https://s3.amazonaws.com/mailscanner/test/MailScanner-4.85.2-1.rpm.tar.gz

SuSE: https://s3.amazonaws.com/mailscanner/test/MailScanner-4.85.2-1.suse-rpm.tar.gz

Debian: https://s3.amazonaws.com/mailscanner/test/MailScanner-4.85.2-1.deb.tar.gz

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 


Gmane