Mailscanner / trend antivius
subscribe
subscribe at KRINGSTAD.NET
Wed May 26 11:54:08 IST 2004
Hei,
I've just installed MailScanner E-Mail Virus Scanner version 4.30.3
along with Trend Antivirus Virus Scanner v3.1, VSAPI v6.810-1005.
When I test this config with testvirus.org's eicar.com virus,
it gets throught the trend virus scanner, if I scan the eicar.com
file manually; Trend finds it(1).
I've edited the wrapper and when I run this(2), I get this result(3).
I run this on SuSE 9.1 # uname -a
Linux sulu 2.6.4-54.5-default #1 Fri May 7 21:43:10 UTC 2004 i686 i686
i386 GNU/Linux
I've also edited in /etc/Mailscanner/Mailscanner.conf:
Virus Scanners = sophos f-prot trend
Minimum Code Status = alpha
This have worked before, but now after installing the latest SuSE 9.1,
it woun't scan with trend, but Sophos and F-prot works.
1. manually scan.txt
2. trend-warpper.txt
3. trend-wrapper run.txt
--
Trond
-------------------------- MailScanner list ----------------------
To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/ and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html
-------------- next part --------------
sulu:/tmp # /etc/iscan/vscan /tmp/eicar.com
Virus Scanner v3.1, VSAPI v6.810-1005
Trend Micro Inc. 1996,1997
Pattern version 895
Pattern number 64453
/tmp/eicar.com
*** Found virus Eicar_test_file in file /tmp/eicar.com
==============================
Directory:
Searched : 0
File:
Searched : 1
Scan : 1
Infected : 1
Infected : 1(Include files been compressed)
Time:
Start : 5/26/04 11:49:00
Stop : 5/26/04 11:49:00
Used : 00:00
-------------- next part --------------
#!/bin/sh
#
# Trend Micro vscan wrapper
#
PackageDir=/etc/iscan
shift
prog=vscan
LD_LIBRARY_PATH=$PackageDir/lib
export LD_LIBRARY_PATH
if [ "x$1" = "x-IsItInstalled" ]; then
[ -x ${PackageDir}/bin/$prog ] && exit 0
exit 1
fi
exec $PackageDir/bin/$prog "$@"
-------------- next part --------------
sulu:/tmp # /usr/lib/MailScanner/trend-wrapper -v
Virus Scanner v3.1, VSAPI v6.810-1005
Trend Micro Inc. 1996,1997
Usage : vscan [-options] {file1|dir1} [file2|dir2] ...
Options:
* Scan engine:
-c1 : scan files compressed by pklite/lzexe. -nc1 : disable -c1
-c2 : scan files in pkzip/lha/arj archives. -nc2 : disable -c2
-s : enable softmice. -ns : disable -s
-sd: enable smart decompression. -nsd : disable -sd
-yx : set decompression layer to x(1..9).
-ppathlist: search for the pattern file in the directories listed in
pathlist, e.g. -p.:/etc/iscan:/tmp. the default
path list is .:/etc/iscan
* What to scan:
-a : scan all files.
-exxx,yyy... : only scan file with *.xxx and *.yyy files.
-za : scan all files in compressed archives.
-zexxx,yyy... : only scan *.xxx and *.yyy in compressed archives.
-r : scan all sub-directories. -nr : disable -r
* What to do on infected files:
-d : delete infected file.
-mxxx : move virus into directory xxx.
-rn : rename infected file to *.vir.
-u : leave infected file unchanged.
-c : clean infected file, not backup.
-cb : clean infected file, backup original file.
* Log:
-l : place log in default log file. -nl : No log.
-lxxx : place log in log file xxx.
* General:
-fxxx : read seting from file xxx.
-f : read seting from file vscan.conf.
-f- : read seting from STDIN.
-v : display debug information.
-vstemp{dir}: set the default temporary path.
default: -a -c1 -c2 -nl -r -s -u -y20 -sd
More information about the MailScanner
mailing list