Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

McAfee VirusScan Enterprise stripping all Paypal Payment Notification emails


stephvand

Recommended Posts

Posted

For the past few days, each time I get a payment notification email from Paypal for products purchased through my store, McAfee has been stripping the emails because of an apparent trojan. Anyone else running into this?

 

Here's the text of the email once McAfee is done with it. Googling has turned up nothing, and while I realize that this isn't an osC-specific issue, I could use a hand figuring this out since it'll probably affect a few of us:

 

ANTI-VIRUS DETECTION ALERT

The anti-virus scanner was triggered by this file. The file was not cleaned and has been removed. See your system administrator for further information.

 

Context: '[Message Body]'

Detection(s): 'JS/Exploit-Script (trojan)'

 

Copyright ? 1993-2005, Networks Associates Technology, Inc.

All Rights Reserved.

http://www.mcafeesecurity.com

Posted

These are genuine emails from Paypal which Mcaffee it treating as infected with a virus. All our emails from Paypal are showing up like that. The fake ones don't. The message though is not quite the one you are getting. It just says it has quarintined the attachment:

 

'The attachment "Unnamed attachment" is infected with the JS/Exploit-Script Trojan(s).

This attachment has been quarantined.'

Posted

So it would seem that we're not the only ones experiencing this...these are definitely legitimate Paypal emails, and it would seem that McAfee is either being overzealous or Paypal is including an exploit with their messages.

 

McAfee has had a problem with false positives due to an error in a DAT released last Friday, which is when I started having this issue - however the DAT has allegedly been corrected and there was no mention made of Paypal in the followup comments. I'll post updates here as I find them - going to try the McAfee forums.

 

These are genuine emails from Paypal which Mcaffee it treating as infected with a virus. All our emails from Paypal are showing up like that. The fake ones don't. The message though is not quite the one you are getting. It just says it has quarintined the attachment:

 

'The attachment "Unnamed attachment" is infected with the JS/Exploit-Script Trojan(s).

This attachment has been quarantined.'

Posted

It looks like this problem will go away as long as the DATs are updated on your mail server as well as on your desktop computer, depending on how your mail is set up. McAfee goofed.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...