Receiving suspected attachments that should have been removed by the virus scanning of Symantec Mail Security for Domino
|Article:TECH90496|||||Created: 2008-01-13|||||Updated: 2013-01-04|||||Article URL http://www.symantec.com/docs/TECH90496|
Users are getting suspected attachments that you think should have been removed by the virus scanning of Symantec Mail Security for Domino.
Symantec Mail Security for Domino log indicates that a file was repaired.
Apply the latest virus definitions using the intelligent updater to ensure the latest virus definitions are installed.
Ensure that Auto-Protect or Real-time scanning is enabled
Try downloading Eicar.com. If Auto-Protect or Real-time scanning is enabled, then EICAR should trigger a virus alert. EICAR contains harmless code designed to test the integrity of antivirus software.
Check the Symantec Mail Security for Domino log
To see if any detections have been found and what the action taken was.
Check if the action for 'When a Threat is Detected:' is set to 'Repair the infected attachment'
The contents of the file may have been stripped and replaced with the following text "The attachment was deleted. A violation was detected within the attachment." Changing the action to Quarantine the document will quarantine the infected file and document. If the file was sent via email, the user would not receive the email with stripped attachment.
Article URL http://www.symantec.com/docs/TECH90496