Perhaps this will make it through - original question is about a virus that appears to get through Clam AV and if my setup is correct or not.
--- Begin Message ---The original message was received at Wed, 31 Mar 2004 06:09:49 -0800 from [1.0.24.3]----- The following addresses had permanent fatal errors ----- <[EMAIL PROTECTED]> (reason: 550-Postmaster verification failed while checking <[EMAIL PROTECTED]>) ----- Transcript of session follows ----- ... while talking to mail.sourceforge.net.: >>> RCPT To:<[EMAIL PROTECTED]> <<< 550-Postmaster verification failed while checking <[EMAIL PROTECTED]> <<< 550-Called: 24.199.42.50 <<< 550-Sent: RCPT TO:<[EMAIL PROTECTED]> <<< 550-Response: 550 microvore.com <<< 550-Several RFCs state that you are required to have a postmaster <<< 550-mailbox for each mail domain. This host does not accept mail <<< 550-from domains whose servers reject the postmaster address. <<< 550 Sender verify failed 550 5.1.1 <[EMAIL PROTECTED]>... User unknownReporting-MTA: dns; www.microvore.com Received-From-MTA: DNS; [1.0.24.3] Arrival-Date: Wed, 31 Mar 2004 06:09:49 -0800 Final-Recipient: RFC822; [EMAIL PROTECTED] Action: failed Status: 5.1.1 Remote-MTA: DNS; mail.sourceforge.net Diagnostic-Code: SMTP; 550-Postmaster verification failed while checking <[EMAIL PROTECTED]> Last-Attempt-Date: Wed, 31 Mar 2004 06:09:56 -0800--- Begin Message --- I have Clam AV with current database and over the last 2 days have seen an ever-increasing load of what Norton says:
Norton AntiVirus removed the attachment: msg.zip. The attachment was infected with the [EMAIL PROTECTED] virus.
Does a properly configured Clam AV catch this sucker (i.e. did I mess something up during compile/install)?
Clamd is running and has caught a few other items. Clamscan is called in the following manner from my SMTP proxy (i.e. the one I wrote):
/usr/local/bin/clamscan --infected --no-summary
And the return status is checked.
TIA
--- End Message ---
--- End Message ---
