As you can imagine, this one’s got the potential to cause a fair amount of head-scratching – I see it quite a lot too.
Symptoms are that messages are being incorrectly quarantined by MDaemon’s security module SecurityPlus even though the message is from a trusted sender and the attachment is clean of any viruses. Typically when we look into these examples there is one common factor.
The warning message will usually refer to a virus type ‘NOT SCANNED‘. What is actually being highlighted here is not that a message has been quarantined because of a detected threat, but rather that the message could not be scanned successfully. In this case the safest and therefore default action in MDaemon is to err on the side of caution and quarantine it.
So why wouldn’t a message be scanned by MDaemon? The most common reason is that it contains an attachment that’s a password protected file, and without the password the contents can’t be decrypted to be scanned.
Up until recently the way to resolve this was to turn off that default action for messages that can’t be scanned and instead allow them to pass through the AV engine and be delivered. This is the option ‘Quarantine Messages that cannot be scanned’ under Security -> Antivirus can be un-ticked to allow any messages through if the cannot be scanned. This removes the error but is not ideal as any files that can’t be scanned are allowed in too, so it’s not just limited to known file types.
For this reason, a new option has been added to create an exclusion list of file extensions that can bypass scanning if they are protected with a password.
So now if your MDaemon mail server receives regular password protected pdf file for example, it’s simple to add them as an exception without having to also allow other potentially harmful files through.
Hope that was of some use – feel free to drop me a comment and let me know if you’ve got any other queries you’d like covering in future.
- Synchronise your Windows 8 email and calendar apps with MDaemon (zensoftware.co.uk)