Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Anti-virus Plug-in > Lot's of viruses today

Edmund Cramp

Send email to eac@motion-labs.com

Which Alt-N products do you use?

MDaemon
Outlook Connector
WebAdmin

Most recent posts: Edmund Cramp

IMPORTANT NOTICE: In order for your MDaemon AntiVirus to continue functioning - 09:57am Nov 23, 2022 CDT - We've seen virus and malware deliveries increasing a lot this year but our MDAV is getting regular AV updates and now almost everything is being blocked.
Thanks!

MDaemon Holding Queue Summary is N/A - 04:28pm Nov 17, 2022 CDT - The holding queue messages contain "unspecified error during antivirus processing" - however sending the message to VirusTotal shows them to be fine.

Some update ideas - 03:36pm Nov 16, 2022 CDT - Just had a virus delivered, I used the quarentine option to send the MDAV declared clean file to virusfn@mdaemon.com and it was refused because it was seen as spam:

Wed 2022-11-16 14:30:49.940: --> RCPT To:<virusfn@mdaemon.com>
Wed 2022-11-16 14:30:49.940: --> DATA
Wed 2022-11-16 14:30:50.172: <-- 250 2.1.0 Sender OK Wed 2022-11-16 14:30:50.265: <-- 250 2.1.5 Recipient OK Wed 2022-11-16 14:30:50.266: <-- 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2022-11-16 14:30:50.266: Sending <c:\mdaemon\queues\remote\pd5001000120441.msg> to [65.99.242.68]
Wed 2022-11-16 14:30:50.705: Transfer Complete
Wed 2022-11-16 14:30:51.445: <-- 550 5.6.0 Sorry, message looks like SPAM to me Wed 2022-11-16 14:30:51.445: --> QUIT

Some update ideas - 10:40am Nov 16, 2022 CDT - Everyday we see infected files arriving and undetected by MDAV but when I send the "clean" message to MDaemon via the quarantine option it will be rejected as "infected" although the current updated MDAV and mail server say that it's clean. MDAV only detects about a third of the daily malware deliveries and there's no way to let MDaemon know about the MDAV failures.

Some update ideas - 12:13pm Nov 14, 2022 CDT - I would like to add a new option when MDAV detects a Virus, currently it wants to "refuse" it which can mean that anyone sending the server a Virus will change to a new virus, encouraging them to develop a Virus that sails through MDAV.
I would prefer to just accept the infected message and then delete it (or secretly store the message for a day) without telling the sender effectively to update their Virus deliveries.
Our current environment is that MDAV only detects and deletes about two thirds of the daily Viruses, I'm independently detecting and stopping the rest of them.

OK


You are visiting as a Guest user.