Virus and Spam not getting blocked sometimes

M

m_topaloff

New Member
Feb 15, 2010
4
0
1
Below is a copy of an email that is sent from our Symantec Mail Security. This message got past our Proxmox but got caught at our Exchange server. I was wanting to know why this would be past off from the Proxmox, however other message with the similar title get block for either Spam or Virus. My opinion that this is not only Spam but a virus as well and it should have blocked it. This is not the only message that was past off from the Proxmox and stop by our Symantec Mail Security. Any help with this would be greatly appreciated Thanks.
>>>>>>>>>>>>>>>>>>>>>>>
Subject: Administrator Alert: Symantec Mail Security detected a virus (SYM:19409071221284409748)

Location of the infected item: SMTP
Sender of the infected item: postmaster@blah.blahblah.com
Subject of the message: Notification: UPS Delivery Problem NR 43914.
The attachment(s) "original_message.eml" and/or the message was Deleted for the following reasons:
Unrepairable virus Trojan.Bredolab was found in UPS_invoice _3721.exe within UPS_invoice _3721.zip.

This was done due to the following Symantec Mail Security settings:
Scan: Auto-Protect
Rule: Basic Virus Rule

Server Name: blah.blahblah.com
 
as far as I remember there were configuration issue on your setup and I do not know if they are already solved - there is support ticket here (opened from your reseller) - so I suggest that we communicate on one support channel to keep things simple.
 
I am sorry I forgot to mention that our reseller did upgrade us to 2.4 and mail is flowing again. Also I forgot to mention that support from our reseller are the ones who told me to post this.
Sorry for that
 
the question is: did you fix and validate all mail flow issues detected on the first analysis? there was a wrong port configured.
 
Yes we believe that have fixed the mail flow issue and mail is flowing correctly and it was a port configuration issue.
 
  • Check if the virus email in question was scanned by the Proxmox Mail Gateway (see MessageTracking Center)
  • As you operate two virus scanners I am in doubt that both failed, so I assume there is still something wrong
  • If yes, can you send the email with the virus in *.eml format? pls use an password protected zip and send to support@proxmox.com (or save it somewhere on a web server that we can download it.)
  • Also send a backup of your configuration (that we can validate the settings)
 
You must log in or register to reply here.
Top Bottom