On Fri, Dec 03, 2004 at 11:07:48AM -0500, Rob Kudyba wrote: > "Malformed SA reply. SPAMD/1.0 76 Bad header line: (Content-Length > mismatch: Expected 77970 bytes, got 77972 bytes)" > > This doesn't seem to happen on other OS'es, e.g., OS X/Darwin or > Solaris, and of course an upgrade to ClamAV 0.80 correctly catches the > file as a Sober.I virus...anything else to do as we've seen this error > with non-virus mails as well...
The only interesting thing I see is that there are 2 NULL chars (raw binary) at the end of the pif attachment, making the whole message completely invalid per the RFC. That is very likely confusing something in the system since nulls aren't ever supposed to be there. You should just have your MTA drop mails that have raw null characters in them. -- Randomly Generated Tagline: Be warned that typing \fBkillall \fIname\fP may not have the desired effect on non-Linux systems, especially when done by a privileged user. (From the killall manual page)
pgp1Xqc7ieGmi.pgp
Description: PGP signature
