mmww 0 Posted April 5, 2016 Share Posted April 5, 2016 Hi,i have a question because i once tried to update our Eset Mail Security for Linux on a debian based machine from version 4.0.10 to 4.5.3.I opened a support case at the german support team by mail in january, but they did not reply to me. I hope someone here can help me.After the upgrade to 4.5.3 the behavior differs from the state before.I tried to send the eicar test virus to my internal test account. With the old version 4.0.10 the recipient gets the cleaned up mail, the "full" mail goes into the quarantine. The daemon_notification_script was called and sent a mail to the administrator.After the upgrade, the recipient did not get the cleaned mail and there was no mail in the quarantine. The daemon_notification_script was executed and send a mail to the specified administrator.The upgrade script which migrates the esets.cfg config file produces a backup. Both files differ not on the corresponding lines. Only our quotation marks in the templates (av_eml_footnote_template_infected and av_eml_footnote_template_notscanned) were changed.Our goal is, that the local recipient gets a notification mail that somebody tried to send a message to him or that the local recipient gets the cleaned up mail. A notification mail should be sent to an administrator.In each case, we want to have the possibility to inspect the original mail and to forward or to delete it if we want to.This is our config-file: av_quarantine_enabled = yes av_scan_smart = yes action_av = "scan" action_av_infected = "discard" action_av_notscanned = "accept" action_av_deleted = "discard" action_as = "accept" action_as_spam = "accept" action_as_notscanned = "accept" av_eml_subject_modification_mask = "cleaned:deleted:infected:notscanned" av_eml_header_modification_mask = "clean:cleaned:deleted:infected:notscanned" av_eml_footnote_modification_mask = "infected:notscanned" av_eml_header_template = "%avstatus%" av_eml_subject_template = "[verdaechtige Email]" av_clean_mode = "standard" This is the notification mail, send by the daemon_notification_script with version 4.0.10 USERSPEC: recipient@domain.de|sender@domain.de MSGID: SENDER: Sender RECIPIENT: Recipient AV_STATUS: clean (cleaned) ACTION: accepted VIRUS: Eicar test file LOG: vdb=26541, agent=smtp, name="from: Sender to: Recipient with subject AW: Test dated Tue, 3 Nov 2015 13:34:16 +0100 ", virus="Eicar test file", action="quarantined - contained infected files", info="", avstatus="clean (cleaned)", hop="accepted" and this is the notification mail after the upgrade to version 4.5.3 USERSPEC: recipient@domain.de|sender@domain.de MSGID: <zarafa.56a2071c.7db5.46db4c753790cbb9@mailserver.domain.de> SENDER: RECIPIENT: AV_STATUS: infected ACTION: discarded VIRUS: Eicar test file LOG: vdb=27763, agent=smtp, name="dated Fri, 22 Jan 2016 11:40:28 +0100 ", virus="Eicar test file", action="unable to clean", info="", avstatus="infected", hop="discarded" Has anyone an idea? I cannot update to the new version as long as this behaviour is not corrected.thx and best Regardsmmww Link to comment Share on other sites More sharing options...
Recommended Posts