Unscannable Attachments

Some message attachments and message parts cannot be scanned for viruses because of corruption, encryption or missing parts.

Sophos Anti-Virus treats these messages as potentially dangerous and returns an internal failure code to the policy engine (SOPHOS_SAVI_FILE_ENCRYPTED, SOPHOS_SAVI_FILE_CORRUPT or SOPHOS_SAVI_FILE_PART_VOL). By default, it treats the message as if it were infected.

The method by which these scan failures are handled is determined by the settings in the cantscan.conf configuration file. Within this configuration file, a failure template is defined in the template setting (cantscan.tmpl by default). When message scanning fails, the template is used to construct a message to the original recipient advising that the original message was not delivered. The template file can be edited, or a custom template can be created. The following template variables can be used within the template:

  • %%DESC%%: Expands to the description configured in cantscan.conf.
  • %%QID%%: Expands to the Queue ID of the message.
  • %%ADMIN_ADDRESS%%: Expands to the PureMessage administratation address, as defined in the admin setting in the pmx.conf configuration file (or on the Edit Global Options page on the Local Services tab in the PureMessage Manager).