Second AV Scanner Suggestions

Julian Field MailScanner at ecs.soton.ac.uk
Mon Sep 24 20:20:55 IST 2007 

In which case, please try this:
1) In /etc/MailScanner/virus.scanners.conf, set this
bitdefender /usr/lib/MailScanner/bitdefender-wrapper 
/opt/BitDefender-scanner/bin
2) In /usr/lib/MailScanner/bitdefender-wrapper, change this line (around 
line 33)
prog=bdc
to this
prog=bdscan

Please give this a go and let me know if it works.

Also, please try this for the bitdefender-autoupdate:
1) Change this line (around line 132)
my $bitDefBinary = "bdc";
to this
my $bitDefBinary = "bdscan";
2) Run update_virus_scanners

Check the contents of /var/log/bitdefender_updater.log to see if it 
worked or not.

If someone can send me a fully-licensed version of BitDefender I'll try 
to get all this stuff working for you. Does the widely-used free version 
require these changes as well as the new one? Will I break everyone's 
bitdefender-based systems if I change this?

Otherwise I'll try to make it work with the old setup and the new one at 
the same time.

Jules.

Johnny Stork wrote:
> Thanks Julian. Below is my lint test and it appears that the 
> bitdefender scanner is not found. I downloaded and installed BD from 
> "BitDefender-scanner-7.5-4.linux-gcc3x.i586.rpm.run" and seems to put 
> the scanner here.
>
> [root at gateway MailScanner]# whereis bdscan
> bdscan: /usr/bin/bdscan /opt/BitDefender-scanner/bin/bdscan
>
>
> So I updated virus.scanners.conf. to show
>
> "bitdefender    /usr/lib/MailScanner/bitdefender-wrapper 
> /opt/BitDefender-scanner"
>
>
> Mailscanner Lint Test:
>
> [root at gateway MailScanner]# MailScanner --lint
> Checking version numbers...
> Version number in MailScanner.conf (4.63.8) is correct.
>
> Your envelope_sender_header in spam.assassin.prefs.conf is correct.
>
> Checking for SpamAssassin errors (if you use it)...
> SpamAssassin temp dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
> SpamAssassin reported no errors.
> MailScanner.conf says "Virus Scanners = clamd bitdefender"
> Found these virus scanners installed: clamavmodule
> =========================================================================== 
>
> Ignore errors about failing to find EOCD signature
> format error: can't find EOCD signature
> at /usr/sbin/MailScanner line 458
> cat: /tmp/log.bdc.351: No such file or directory
> rm: cannot remove `/tmp/log.bdc.351': No such file or directory
> =========================================================================== 
>
>
> If any of your virus scanners (clamavmodule)
> are not listed there, you should check that they are installed correctly
> and that MailScanner is finding them correctly via its 
> virus.scanners.conf.
>
>
>
> Julian Field wrote:
>> My personal preferences are for f-prot and sophos, as I always run 3 
>> to be on the safe side. But they do cost money. But there again, the 
>> total solution is still much, much cheaper than paying someone like 
>> MessageLabs or Ironport for their solutions to the problem.
>>
>> Once you have installed other scanners, be sure to
>>    MailScanner --lint
>> to be sure your scanners are all being called successfully. You 
>> should get a report from each of your installed scanners.
>>
>> My supplied virus.scanners.conf file is set ready for each of the 
>> virus scanners if you install them to their default location, as 
>> dictated by their own installers. If you install them elsewhere, you 
>> will need to tweak your /etc/MailScanner/virus.scanners.conf. The 
>> output of "MailScanner --lint" will clearly show you if you have the 
>> settings correct.
>>
>> You should *not* edit the -wrapper or -autoupdate scripts, the only 
>> changes needed are in virus.scanners.conf.
>>
>> Jules.
>>
>> Johnny Stork wrote:
>>> I just went through a clean re-install of MS/SA etc and thought I 
>>> might like to add a second scanner beyond clamav. What would most 
>>> people suggest for a second av engine, maybe amavisd?. Are there any 
>>> tips/howtos on setting up some of these other engines?
>>>
>>>
>>> -- 
>>> *Johnny Stork*
>>> Business & Technology Consultant
>>> stork at openenterprise.ca
>>>
>>
>> Jules
>>
>

Jules

-- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk

More information about the MailScanner mailing list