
XG 18.0.4 MR4 - MTA SAV misses virus: Mal/Generic-S, CXmail/MalPE-BV


Behind the XG with MTA we are still running Puremessage. Puremessage is EOL and the virus and spam definitions are no longer updated. Still the XG with the latest definitions does not recognize an attachment that was identified by Puremessage as:

Virus infection detected
Location: Consignment Document.gz
Replaced with text: Yes
Virus name(s): Mal/Generic-S, CXmail/MalPE-BV



  • Hello Fred,

    Thank you for contacting the Sophos Community.

    Please, submit the sample using this link.

    Regards,

  • It was replaced with text by Puremessage. Puremessage spam and virus definitions ended in 2020.

    The XG is up to date and checks at a 2-hourly interval. The general setting for malware scanning is set to Sophos. The mail policy is set to use dual scanning. It is of course set to scan incoming and outgoing email. The e-mail rules also have SMTP and SMTPS enabled. Still, it was cleared by the XG and delivered to Puremessage, which detected it as viral based on an out-of-date definition database.

  • I have created case 03694098 for this.

    I was able to find the .eml file. The .gz file within this .eml file containing the virus is not detected by Endpoint X either. It is only found by Puremessage scanning the mailbox.
