Hi all,
Suddenly today two totally unrelated DA servers that have been running stable now for 3 years started rejecting all (internally send and externally incoming) messages:
This message contains a virus or other harmful content (Exploit.PDF-9669) (even empty messages have this designation, so even without a PDF...)
The two servers reside in two different datacenters...
Servers are updated and nothing changed in the meantime...
Could there be a problem with the Clamd rules?
Anyone else seen this?
p.s.
from the clamd log:
stream 1100: Exploit.PDF-9669 FOUND
Accepted connection on port 1962, fd 8
stream 1962: Exploit.PDF-9669 FOUND
Accepted connection on port 1141, fd 8
stream 1141: Exploit.PDF-9669 FOUND
Accepted connection on port 2046, fd 8
stream 2046: Exploit.PDF-9669 FOUND
MIND you every messages is suddenly tagged...
<EDIT>
Just found more users having the problem:
http://www.zimbra.com/forums/admini...exploit-pdf-9669-nothing-getting-through.html
</EDIT>
Update tot 095.3 fixed the problem!
Suddenly today two totally unrelated DA servers that have been running stable now for 3 years started rejecting all (internally send and externally incoming) messages:
This message contains a virus or other harmful content (Exploit.PDF-9669) (even empty messages have this designation, so even without a PDF...)
The two servers reside in two different datacenters...
Servers are updated and nothing changed in the meantime...
Could there be a problem with the Clamd rules?
Anyone else seen this?
p.s.
from the clamd log:
stream 1100: Exploit.PDF-9669 FOUND
Accepted connection on port 1962, fd 8
stream 1962: Exploit.PDF-9669 FOUND
Accepted connection on port 1141, fd 8
stream 1141: Exploit.PDF-9669 FOUND
Accepted connection on port 2046, fd 8
stream 2046: Exploit.PDF-9669 FOUND
MIND you every messages is suddenly tagged...
<EDIT>
Just found more users having the problem:
http://www.zimbra.com/forums/admini...exploit-pdf-9669-nothing-getting-through.html
</EDIT>
Update tot 095.3 fixed the problem!
Last edited: