Re: [Full-Disclosure] Trend Micro Interscan Viruswall: missing whole_file_scan=yes let pass at least one Sobig.f eMail

From: Dr. Peter Bieringer (pbieringerat_private)
Date: Wed Sep 03 2003 - 04:22:30 PDT

    Hi again,
    
    --On Wednesday, 3 September 2003 12:56 +0200 "Dr. Peter Bieringer" 
    <pbieringerat_private> wrote:
    
    > seen on Interscan Viruswall for Linux 3.8 Build 1080, one email
    > containing a Sobig.f passed the scanner without any detection.
    >
    > A Trend Micro "vscan" run on the received plain mail will detect the
    > virus.
    >
    > Response from support: add in section "[smtp]" option
    > "whole_file_scan=yes"
    >
    > Interesting, looks like the default is "no" (very dangerous imho), also
    > it looks like this option is neither documented nor changeable via web
    > interface.
    
    In the meantime, I got additional URLs from another guy:
    
       http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=13531
       http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=15152
    
    Problem is a "known issue"...read for yourself...has anyone ever received a 
    warning about that problem from the vendor?
    
    It's not nice to get information after an incident...
    
    	Peter
    -- 
    Dr. Peter Bieringer                             Phone: +49-8102-895190
    AERAsec Network Services and Security GmbH        Fax: +49-8102-895199
    Wagenberger Straße 1                           Mobile: +49-174-9015046
    D-85662 Hohenbrunn                       E-Mail: pbieringerat_private
    Germany                                Internet: http://www.aerasec.de
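
A check for the setting discussed in this thread, written as an added example that is not part of the original post or any vendor tooling. It assumes the configuration is plain INI syntax and takes the file path as an argument, since the post does not name the file; the function names and the sample content are constructed for illustration.

```shell
#!/bin/sh
# Audit an INI-style scanner config for whole_file_scan=yes in section [smtp].
# Assumptions: [section] headers, key=value lines, ';' or '#' comment lines.
# The config path comes from the caller; the post does not give one.

# Print the [smtp] whole_file_scan value in lower case, or "unset" if absent.
smtp_whole_file_scan() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        /^[ \t]*[;#]/ { next }                  # commented-out lines do not count
        /^[ \t]*\[/ {                           # section header: track if it is [smtp]
            s = $0
            gsub(/^[ \t]*\[[ \t]*|[ \t]*\].*$/, "", s)
            in_smtp = (tolower(s) == "smtp")
            next
        }
        in_smtp {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            # Assumption: if the key repeats, the last occurrence is reported.
            if (tolower(k) == "whole_file_scan") val = tolower(v)
        }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Return 0 only for an explicit "yes". A missing key fails the check because
# the post reports that the default appears to be "no".
check_whole_file_scan() {
    v=$(smtp_whole_file_scan "$1") || return 2
    if [ "$v" = "yes" ]; then
        echo "OK: [smtp] whole_file_scan=yes in $1"
    else
        echo "FAIL: [smtp] whole_file_scan is '$v' in $1 (expected yes)"
        return 1
    fi
}

# Constructed sample (not a real product config): key set only under [http].
demo() {
    f=$(mktemp) && printf '[http]\nwhole_file_scan=yes\n[smtp]\nlevel=1\n' > "$f"
    check_whole_file_scan "$f"; rc=$?; rm -f "$f"; return "$rc"
}

# With a path argument, audit that file; otherwise run the constructed sample.
if [ "$#" -gt 0 ]; then check_whole_file_scan "$1"; else demo || true; fi
```

Run without arguments, it reports FAIL for the constructed sample, because a value under another section does not satisfy the `[smtp]` check.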
    