Our Mercury server is producing corrupted messages. The pattern is as follows:
- A POP3 user will get a bounce message which states their message could not be delivered. They didn't send the message in the first place!
- The bounce always references one of our mail list subscribers (we have a list of 1000+ members, rather light traffic). Traffic on our list has been increasing lately from <5 messages to 10 to 20 messages per day.
- The .CNM of the bounce message contains formatting errors, as if the bounce message text is embedded in the midst of message headers.
- The original message doesn't reference the list; for example, email between employees here in-house can end up in the middle of one of these bounce messages.
I am EXTREMELY concerned that in-house messages could end up forwarded to a list subscriber; so far, it appears that each instance of this has resulted in a bounce rather than an accidental delivery to a list subscriber. I'm wondering if a bounce message assembly is getting crossed up with a "real" message.
Here is a sample message. This is the raw .CNM file as posted into the Mercury mail delivery folder of one of our users:
Received: from spooler by envisionware.com (Mercury/32 v4.62); 16 Mar 2009 19:30:38 -0400
X-Envelope-To: jt_employee
Received: from spooler by envisionware.com (Mercury/32 v4.62)
for <daliasaddress-ew@envisionware.com>; 16 Mar 2009 19:30:26 -0400
Resent-from: daliasaddress-ew@envisionware.com
Resent-Date: Mon, 16 Mar 2009 19:30:26 -0400
X-Autoforward: 1
This is the mail system at host mailscanner6.axxHIDDEN.edu.
X-EnvisionWare: Passed global ruleset of 2009-0313-0945
X-PMFLAGS: 33554560 0 0 YAYDNFZ3.CNM
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<hl_listsubscriber@abc.al.us>: host mail.abc.al.us[129.66.12.111] said: 553 5.3.0
<hl_listsubscriber@abc.al.us>... No such user here (in reply to RCPT TO command)
5 -0400
Message-ID: <009201c9a68f$2f909b30$8eb1d190$@com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
thread-index: AcmmivCnPHu1OsMZReOxMrgTwSP8JAAA/dLQ
Content-Language: en-us
Mike,
we are omitting message content here...
Thanks,
James
-----Original Message-----
From: Mike [mailto:mike@mydomain.com]
Sent: Monday, March 16, 2009 6:59 PM
To: devalias@mydomain.com
Cc: prosalias@mydomain.com
Subject: Need help with IRS
This is email from Mike.
Sent from my iPhone
-----
Further details on our server:
- Windows 2003 Standard 32-bit, T1 circuit.
- Symantec AV Corporate Edition v9.05: configured with Internet E-mail Auto-Protect DISABLED, File System Auto-Protect enabled.
- SAV auto-protect omits C:\MERCURY; HOWEVER, I just noted that SAV is scanning D:\MERCURY\QUEUE, the primary mail queue.
- THEORY: SAV is causing the problem on the outbound queue.
I'm going to have SAV omit the outbound queue directory, as recommended in Mercury Help.
Is there any way to safely scan outbound mail via Symantec AV? Is this the type of problem that SAV would cause? Or is this potentially another problem?
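A check that could be run over users' mail folders to find other .CNM files damaged in the way described above, as an added example that is not part of the original post: it flags lines in the header block that are neither header fields nor folded continuations, and header blocks missing the From or Date fields that RFC 5322 requires. The sample messages, hosts and function names are constructed for illustration, and it assumes a .CNM file is a plain RFC 5322 message.

```python
import re
from pathlib import Path

# RFC 5322 field name: printable ASCII except space and ':', then a colon.
FIELD = re.compile(r"^[\x21-\x39\x3b-\x7e]+:")
REQUIRED = ("from", "date")  # the only header fields RFC 5322 makes mandatory

# Constructed samples modelled on the .CNM quoted in the post (placeholder hosts).
SAMPLE_BAD = "\n".join([
    "Received: from spooler by example.com (Mercury/32 v4.62); 16 Mar 2009 19:30:38 -0400",
    "X-Envelope-To: jt_employee",
    "X-Autoforward: 1",
    "This is the mail system at host mailscanner.example.edu.",
    "X-PMFLAGS: 33554560 0 0 YAYDNFZ3.CNM",
    "I'm sorry to have to inform you that your message could not",
    "be delivered to one or more recipients. It's attached below.",
    "5 -0400",
    "Message-ID: <constructed-1@example.com>",
    "", "Mike,", "message body"])
SAMPLE_OK = "\n".join([
    "Received: from spooler by example.com (Mercury/32 v4.62)",
    "  for <user@example.com>; 16 Mar 2009 19:30:26 -0400",
    "From: sender@example.com",
    "Date: Mon, 16 Mar 2009 19:30:26 -0400",
    "", "body text with no colon"])

def audit_headers(raw):
    """Return (intrusions, missing): stray header-block lines and absent required fields."""
    intrusions, seen = [], set()
    for num, line in enumerate(raw.replace("\r\n", "\n").split("\n"), 1):
        if line == "":
            break                      # first empty line ends the header block
        if line[0] in " \t" and num > 1:
            continue                   # folded continuation of the previous field
        if FIELD.match(line):
            seen.add(line.split(":", 1)[0].lower())
        else:
            intrusions.append((num, line))
    return intrusions, [f for f in REQUIRED if f not in seen]

def scan_folder(folder):
    """Audit every *.CNM file in a mailbox folder; return only the suspicious ones."""
    findings = {}
    for path in sorted(Path(folder).glob("*.CNM")):
        intrusions, missing = audit_headers(path.read_text(encoding="latin-1"))
        if intrusions or missing:
            findings[path.name] = {"intrusions": intrusions, "missing": missing}
    return findings
```

The field-name test is purely syntactic, so a bounce line such as `<address>: host ... said:` still passes as a header field; the neighbouring prose lines are what get the file flagged.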