View Single Post
  #3  
Old 14th May 2010, 18:21
DrJohn DrJohn is offline
Member
 
Join Date: Aug 2007
Location: Portland, OR, USA
Posts: 66
Thanks: 8
Thanked 2 Times in 2 Posts
Default

OK, I understand about the admispconfig user. There are no other apparent errors in mail.log.

An associate uses an external virus / spam scanning service for his company (same one I used to use until I made the postfix rules stronger and installed postgrey here), and he asked about a particular trojan in a zip attachment that kept getting into his employees' inboxes. After looking at the situation, it appears that the trojan was being sent directly to his hosted server, bypassing the external scans, and that the host company had weak incoming detection capabilities.

Anyway, the subject issue arose when I tested the setup here by sending the trojan email with attachment in to my system from his. Sure enough, it never made it through to the inbox. But, when I sent the email in without the attachment (using 'reply' instead of 'forward') the same happened -- no receipt.

Perhaps clam sees the message as a threat, even without the 'live' attachment, because the message body contains the original email?

Thanks,

JH
Reply With Quote