WinGate Forums

[kgoodknecht]

I've tried every setting I could on the plugin and email configuration. You cannot send a password protected zip file through the Wingate mail server with the AV plugin enabled.
Wingate v6.1 build 1068
Kaspersky AV v2
This may relate to MastaCico's problem. I rezipped the file without a password, and sent it successfully.

Here is what the mail server logs:

11/13/05 12:28:00 192.168.1.203 Guest 0000003001 Error: ==== Message file 0000381420 rejected - Content blocked. Kaspersky AntiVirus 2.0 for WinGate blocked 0000381420. The file may contain Password-protected-EXE
11/13/05 12:28:00 192.168.1.203 Guest 0000003001 Requested: SMTP In: mail from Administrator@infosearch.com blocked (Content blocked. Kaspersky AntiVirus 2.0 for WinGate blocked 0000381420. The file may contain Password-protected-EXE)
11/13/05 12:30:30 192.168.1.203 Guest 0000003017 Error: ==== Message file 0000381422 rejected - Content blocked. Kaspersky AntiVirus 2.0 for WinGate blocked 0000381422. The file may contain Password-protected-EXE
11/13/05 12:30:30 192.168.1.203 Guest 0000003017 Requested: SMTP In: mail from Administrator@infosearch.com blocked (Content blocked. Kaspersky AntiVirus 2.0 for WinGate blocked 0000381422. The file may contain Password-protected-EXE)

[adrien]

Hi Kevin

I think you can let password-protected zip files through.

KAV settings need to be set to custom, then the setting for non-scanned (I think it's that one), needs to be set to "pass file on".

Adrien

[kgoodknecht]

Hi Kevin

I think you can let password-protected zip files through.

KAV settings need to be set to custom, then the setting for non-scanned (I think it's that one), needs to be set to "pass file on".

Adrien

Hi Adrien,

I wanted to test it before I posted back, I was thinking I had tried that setting. Also tried access is denied, both by itself and with non scanned, none of which worked and I retried this morning. The only thing that worked was rezipping the contents to a non PW protected zip, then it went through.
I'm afraid of using any other setting for fear it will start letting infected email through.
I know the system this is on collects a lot of infected mail from his outside hosting provider so I certainly don't want infected emails coming through.

THis guy is really finicky about getting his email, as you already know. This is the system you worked on last month.

Kevin

>Off topic
How I found out it was blocking PW protected zips, Microsoft sent a password protect zip for poolmon to the machine Saturday before I upgraded Wingate, KAV and Puresight, and I wanted to forward that zip to me but as long as it was protect by a password KAV blocked it.

JFYI, I found a huge non-page memory leak in Computer Associates E-Z Antivirus that was causing his system to stop responing in 3 hours ending with a BSOD and memory dump four hours later. This didn't start until I set up mirroring on the C drive so I called MS on it. As long as the AV was doing realtime protection it was taking 20KB every time poolmon refreshed, about 10-15 seconds.

I've been running poolmon for about 16 hours on my machine with the exact same AV now, and it has consumed 42MB of non-paged memory that stops if I turn off real time protection.