Support queries shared: ‘NOT SCANNED’ messages in quarantine folder

As you can imagine, this one’s got the potential to cause a fair amount of head-scratching – I see it quite a lot too.

Symptoms are that messages are being incorrectly quarantined by MDaemon’s security module SecurityPlus even though the message is from a trusted sender and the attachment is clean of any viruses. Typically when we look into these examples there is one common factor.

The warning message will usually refer to a virus type ‘NOT SCANNED‘. What is actually being highlighted here is not that a message has been quarantined because of a detected threat, but rather that the message could not be scanned successfully. In this case the safest and therefore default action in MDaemon is to err on the side of caution and quarantine it.

So why wouldn’t a message be scanned by MDaemon? The most common reason is that it contains an attachment that’s a password protected file, and without the password the contents can’t be decrypted to be scanned.

Up until recently the way to resolve this was to turn off that default action for messages that can’t be scanned and instead allow them to pass through the AV engine and be delivered. This is the option ‘Quarantine Messages that cannot be scanned’ under Security -> Antivirus can be un-ticked to allow any messages through if the cannot be scanned. This removes the error but is not ideal as any files that can’t be scanned are allowed in too, so it’s not just limited to known file types.

For this reason, a new option has been added to create an exclusion list of file extensions that can bypass scanning if they are protected with a password.

So now if your MDaemon mail server receives regular password protected pdf file for example, it’s simple to add them as an exception without having to also allow other potentially harmful files through.

Hope that was of some use – feel free to drop me a comment and let me know if you’ve got any other queries you’d like covering in future.

5 thoughts on “Support queries shared: ‘NOT SCANNED’ messages in quarantine folder

  1. Pingback: Support query shared: Know your MDaemon envelope colours | Zen Software Blog |

  2. Pingback: SMTP Port 25 * Access Denied! * | Zen Software Blog |

  3. Hi, this “Exclude Files” is usefull to me but I don’t see this button under Content Filter, I am using the latest Security Plus 4.1.5. is this feature only available in older version?

    • Hi Sylvia,

      Yes that option is only available in MDaemon version 13 used in conjunction with Security Plus 4.1.5. maybe your MDaemon installation is older?
      If you are up to date please feel free to give us a call in support to take a look at it for you you should have the option.
      Cheers Neil

      • Thanks a lot! I have updated the MDaemon to the latest version and it is work now!

Let us know what you think....

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s