I have configured amavis and postfix. But in the virus mails it is ripping off the sender name. it gives VIRUS (Worm.Bagle.Gen-zippwd,Worm.Bagle.Gen-zippwd) IN MAIL TO YOU (from ?@mailhost.tifr.res.in).
Can anybody give me any clue to get the name sender as well. postfix version 2.1.4-5 amavisd-new version 20030616p10-5 clamav-daemon version 0.80-7 Here is the sample mail.
Date: Thu, 3 Feb 2005 19:20:00 +0530 (IST) From: virusalert@tifr.res.in To: santoshk@mhtest.tifr.res.in Subject: VIRUS (Worm.Bagle.Gen-zippwd, Worm.Bagle.Gen-zippwd) IN MAIL TO YOU (from ?@mailhost.tifr.res.in)
VIRUS ALERT
Our content checker found viruses: Worm.Bagle.Gen-zippwd, Worm.Bagle.Gen-zippwd in an email to you from unknown sender:
?@mailhost.tifr.res.in
The message has been quarantined as: /var/lib/amavis/virusmails/virus-20050203-192000-01370-01
Please contact your system administrator for details.
can anybody please help me.
Regards,
Santosh K
On 10/02/05 10:18 +0530, Santosh Laxman Kyadari wrote:
I have configured amavis and postfix. But in the virus mails it is ripping off the sender name. it gives VIRUS (Worm.Bagle.Gen-zippwd,Worm.Bagle.Gen-zippwd) IN MAIL TO YOU (from ?@mailhost.tifr.res.in).
I do hope that you are aware that Bagle spoofs sender addresses. Turning off notifications is the best thing you can do. I personally block virus notification senders, they always send to the wrong address. Notifying the recipient that a virus infected message was recieved is pretty much useless, since there aren't too many messages with legitimate content and viruses floating around.
Devdas Bhagat
-
Devdas Bhagat -
Santosh Laxman Kyadari