mcafee autoupdate

Eric Dantan Rzewnicki rzewnickie at RFA.ORG
Fri Sep 17 01:31:21 IST 2004 

On Thu, Sep 16, 2004 at 04:21:19PM -0400, Eric Dantan Rzewnicki wrote:
> On Thu, Sep 16, 2004 at 04:05:22PM -0400, Eric Dantan Rzewnicki wrote:
> > I recently updated from MailScanner 4.28.6 to 4.33.3. In
> > /opt/MailScanner/lib/mcafee-autoupdate PREFIX is set to /opt/uvscan. Is
> > this new, or did I simply forget I needed to change this when upgrading?
<snip>
> I guess that's what I get for being different.
> I suppose it is not recommended to use the individual autoupdate
> scripts, but is it necessarily wrong to do so?

In case anyone else has had or has in the future issues similar to this,
below is my changelog entry for what I did to get my stuff up to snuff.
Any comments or suggestions are welcome. Running update_virus_scanners
3x/hour seems excessive to me personally, but frequent checks were
requested by management.

-Eric Rz.


2004-0916-1909 EDT rzewnickie at rfa.org
updated sophos engine to SophosSAVI 3.85 / engine 2.22 (from 3.82/2.20)
  got linux.intel.libc6.glibc.2.2.tar.Z from
    http://www.sophos.com/support/updates/
  unpacked in scotty:/tmp/
  stopped MailScanner
  edited: /opt/MailScanner/bin/Sophos.install.linux
    SCRIPTS=/opt/MailScanner/lib
  cd /tmp/sav-install
  ran /opt/MailScanner/bin/Sophos.install.linux
  restarted MailScanner

Changed to using supplied scripts in /opt/MailScanner/bin/cron/ instead
of calling check_MailScanner and individual virus scanner autoupdate
scripts directly. These new wrapper scripts have better error handling,
lock checking and logging. They are now the recommended way to automate
these tasks for MailScanner, but were not available when we initially
installed last year.

The scripts they call are maintained with the assumption that they will
be called from these .cron scripts rather than individually. Using the
.cron scripts should avoid the problem we had with the mcafee DATs
updating into the wrong directory. Additionally, the
update_virus_scanners.cron script includes a randomized delay so that
various MailScanner installations are unlikely to all hit the virus
vendor's sites at the same time. Since both sophos and mcafee will be
checked everytime this is run, we now run this 3 times per hour.
Previously we checked each 2 times per hour, alternating so that we
checked one or the other every 15 minutes.
  crontab -e:
    # check_mailscanner starts mailscanner or restarts it if it fails
    # for some reason
    @reboot
/opt/MailScanner/bin/cron/check_MailScanner.cron >/dev/null 2>&1
    */20 *    *    *     *
/opt/MailScanner/bin/cron/check_MailScanner.cron >/dev/null 2>&1
    # check for new virus scanner DATs (mcafee) or IDEs (sophos)
    */20 *    *    *     *
/opt/MailScanner/bin/cron/update_virus_scanners.cron >/dev/null 2>&1

2004-0916-1554 EDT rzewnickie at rfa.org
edited /opt/MailScanner/lib/mcafee-autoupdate
  PREFIX=/usr/local/uvscan
this is the script that updates mcafee dats. It is run via cron. It was
working and pulling the dats, but putting them in the wrong directory.
This variable was set to /opt/uvscan in mailscanner 4.33.3. I don't know
why this was done, but I will ask on the mailscanner list. The latest
dat is in place and in use now.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

More information about the MailScanner mailing list