C&C Software - Canadian Distributor Thursday, September 09, 2010



MDaemon AntiVirus
Introduction of SecurityPlus for MDaemon - Frequently Asked Questions


Question: What do I do with a virus that is not being detected by SecurityPlus for MDaemon?

If you have made sure that your virus definitions are updated and SecurityPlus is still not detecting it, submit the file to Kaspersky.
Zip the file with a password.
Send the sample and the password in the message body to newvirus@kaspersky.com. The recipients of the newvirus@kaspersky.com address are analysts responsible only for virus signature records; they do not answer any requests for support.



Question: Zipped files are going into the Antivirus quarantine. How can I prevent this?

Newer versions of WinZip use a proprietary format called PPMd that our SecurityPlus AntiVirus engine does not yet understand. Until we can support it, do not use the PPMd format to compress your files.



Question: Can I run a 3rd party AntiVirus Solution on the same machine with SecurityPlus for MDaemon?

It is possible to run two antivirus programs on the MDaemon machine. An antivirus program that runs in the background and checks all files - not just emails - would not be a bad idea! To ensure that there are no compatibility problems or clashes between SecurityPlus for MDaemon and your other antivirus solution, you must exclude the entire MDaemon directory structure from scanning. This exclusion is required in general, even if you do not have SecurityPlus installed - if a third-party AV solution locks a file that MDaemon is using, there will be unexpected results.



Question: What should I do with messages scored improperly by Outbreak Protection/SecurityPlus?

Send these messages along to us (forward as attachment) to the following addresses, depending on which error it is:

  • spamfn@altn.com - messages that should have been marked as Spam by Outbreak Protection and weren't
  • spamfp@altn.com - messages that shouldn't have been marked as Spam by Outbreak Protection and were
How does one tell if Outbreak Protection scored a message as spam or not? Look at the full message headers.
This will appear if OP marked it as spam in the X-MDOP-Ref header:
st=3
st=4
This will appear if OP didn't mark it as spam in the X-MDOP-Ref header:
st=1
st=2
Scores of 3 and 4 should be submitted as false positives if they are not spam.
Scores of 1 and 2 should be submitted as false negatives if they are spam.
Do not submit messages scored 3 or 4 as false negatives, and do not submit messages scored 1 or 2 as false positives.
Time is of the essence with Outbreak Protection. Old messages cannot be analyzed, because spam characteristics change over a short period of time due to the nature of spam distribution methods. It is therefore highly important that you report classification mistakes as soon as possible. As a rule of thumb, avoid reports that are more than one week old.
If a message is improperly classified as a virus by Outbreak Protection, you can send it to virusfn@altn.com or virusfp@altn.com, whichever is appropriate.
If you are sending a report of a virus false negative, the original email must be archived in a password-protected ZIP file with a password of 'infected'. If you are just sending a report of a false positive, you can either send the entire message or just the X-MDOP-RefID header, similar to the spam false positive procedure.
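
The spam reporting rules above (st=3/4 means marked as spam, st=1/2 means not marked, nothing older than one week) can be applied mechanically before forwarding a message. The following Python sketch is an added example, not code from Alt-N or from this FAQ. It assumes the st=N token can be found anywhere in the X-MDOP-Ref value and uses the message's own Date header as its age; the sample message and the function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Addresses, st= meanings and the one-week limit come from the FAQ text above.
SPAM_FN = "spamfn@altn.com"  # spam that OP did not mark (st=1 or st=2)
SPAM_FP = "spamfp@altn.com"  # legitimate mail that OP marked (st=3 or st=4)
MAX_AGE = timedelta(days=7)

# Match a standalone st=N token, so a key such as "test=3" is not picked up.
ST_RE = re.compile(r"(?<![A-Za-z0-9])st=(\d+)")


def op_status(msg):
    """Return the st= value found in X-MDOP-Ref, or None if there is none."""
    m = ST_RE.search(str(msg.get("X-MDOP-Ref", "")))
    return int(m.group(1)) if m else None


def triage(raw, is_actually_spam, now):
    """Return (report_address_or_None, reason) for one raw message."""
    msg = message_from_string(raw)
    st = op_status(msg)
    if st not in (1, 2, 3, 4):
        return None, "no usable st= value in X-MDOP-Ref"
    marked_spam = st in (3, 4)
    if marked_spam == is_actually_spam:
        return None, "OP verdict was correct, nothing to report"
    try:
        age = now - parsedate_to_datetime(msg["Date"])
    except (TypeError, ValueError):
        return None, "missing or unparseable Date header"
    if age > MAX_AGE:
        return None, "older than one week"
    return (SPAM_FP if marked_spam else SPAM_FN), f"st={st}"


# Constructed sample: only the st=N token is documented on this page; the rest
# of the X-MDOP-Ref value is a placeholder.
NOW = datetime(2010, 9, 9, 12, 0, tzinfo=timezone.utc)
SAMPLE = (
    "From: sender@example.com\n"
    "Date: Tue, 07 Sep 2010 10:00:00 +0000\n"
    "X-MDOP-Ref: ref=CONSTRUCTED;st=3\n"
    "Subject: Quarterly invoice\n\nbody\n"
)

if __name__ == "__main__":
    print(triage(SAMPLE, is_actually_spam=False, now=NOW))
```

The function only chooses the address; the message itself still has to be forwarded as an attachment, as described above.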



Question: Will SecurityPlus scan my entire computer for viruses?

No, SecurityPlus for MDaemon only checks emails that are sent through MDaemon to see if they are infected. It will not scan any other files for viruses.



Question: MDaemon AntiVirus updates are giving an error message. The error is on the avp.set file. How can I fix this?

An important file that MDAV needs to process mail was not downloaded and installed correctly during a routine AntiVirus update. To ensure your mail server is working properly, please manually update the AntiVirus database.

  1. Open MDaemon.
  2. Navigate to Security | AntiVirus.
  3. Select the AntiVirus Updater tab.
  4. Click Update AV Signatures Now.
  5. Be sure to check for messages that may have been quarantined and place them back into the queues for processing and delivery. The quarantine by default is located in C:\MDaemon\Cfilter\Quarant but may be different for your installation.
     1. Use Windows Explorer to navigate to C:\MDaemon\BadMsgs.
     2. Delete or move all the files in this directory.
     3. Use Windows Explorer to navigate to C:\MDaemon\Cfilter\Quarant.
     4. Move all the *.msg files from this folder directly to C:\MDaemon\localq.
     5. Start MDaemon if it is not already running.
     6. Let MDaemon deliver the messages in the localq. Note: Messages that were destined for non-local users will be placed into the bad message queue.
     7. Once the localq messages have been processed, open C:\MDaemon\BadMsgs with Windows Explorer.
     8. Move all the *.msg files from this folder directly to C:\MDaemon\remoteq. This will put all the non-local mail into the remote queue for delivery.
Note: If you are running an MDaemon version prior to 7.0, the messages will just sit in the local queue if they are not bound for a local user. You can move them with Windows Explorer per the instructions above - just move the messages from C:\MDaemon\localq to C:\MDaemon\remoteq.



Question: MDaemon is no longer delivering inbound or outbound mail to the appropriate destination. How can I fix this?

An important file that MDAV needs to process mail was not being downloaded and installed correctly during a routine AntiVirus update. To ensure your mail server is working properly, please manually update the AntiVirus database.

  1. Open MDaemon.
  2. Navigate to Security | AntiVirus.
  3. Select the AntiVirus Updater tab.
  4. Click Update AV Signatures Now.
  5. Be sure to check for messages that may have been quarantined and place them back into the queues for processing and delivery. The quarantine by default is located in C:\MDaemon\Cfilter\Quarant but may be different for your installation.
     1. Use Windows Explorer to navigate to C:\MDaemon\BadMsgs.
     2. Delete or move all the files in this directory.
     3. Use Windows Explorer to navigate to C:\MDaemon\Cfilter\Quarant.
     4. Move all the *.msg files from this folder directly to C:\MDaemon\localq.
     5. Start MDaemon if it is not already running.
     6. Let MDaemon deliver the messages in the localq. Note: Messages that were destined for non-local users will be placed into the bad message queue.
     7. Once the localq messages have been processed, open C:\MDaemon\BadMsgs with Windows Explorer.
     8. Move all the *.msg files from this folder directly to C:\MDaemon\remoteq. This will put all the non-local mail into the remote queue for delivery.
Note: If you are running an MDaemon version prior to 7.0, the messages will just sit in the local queue if they are not bound for a local user. You can move them with Windows Explorer per the instructions above - just move the messages from C:\MDaemon\localq to C:\MDaemon\remoteq.


