Preventing Reporting on Unscannable Data

To prevent the reporting of unscannable data, modify the default policy (policy.siv). This can be done on the Policy tab, or from command line. Modifications can be made to both the internal and external host check sections as follows:

Internal Host Check

# attr NAME=Reject mail containing viruses
if pmx_virus {
    # attr NAME=Check for certain error codes
    if not pmx_virus_id :comparator "i;ascii-casemap" \
        :matches ["SOPHOS_SAVI_FILE_ENCRYPTED","SOPHOS_SAVI_FILE_CORRUPT",\
        "SOPHOS_SAVI_FILE_PART_VOL"] {
        reject :rcode 550 "One or more viruses were detected in the message.";
        pmx_mark "I-Virus" "%%VIRUS_IDS%%";
        stop;
     }
}

External Host Check

if pmx_virus {
    # attr NAME=Check for certain error codes
    if not pmx_virus_id :comparator "i;ascii-casemap" \
        :matches ["SOPHOS_SAVI_FILE_ENCRYPTED","SOPHOS_SAVI_FILE_CORRUPT",\
        "SOPHOS_SAVI_FILE_PART_VOL"] {
        pmx_quarantine "Virus";
        pmx_mark "E-Virus" "%%VIRUS_IDS%%";
    }
}
Note: Unscannable files (either encrypted or corrupt) may contain viruses.