Esets AV nor recognized by MailScanner
Julian Field
MailScanner at ecs.soton.ac.uk
Thu Apr 17 19:00:46 IST 2008
Alex Broens wrote:
> On 4/17/2008 1:41 PM, --[ UxBoD ]-- wrote:
>>> Using latest MS release and Esets AV (ex Nod32) on a test box.
>>>
>>> "Virus Scanners = auto" doesn't recognize
>>> "# esets from www.eset.com"
>>>
>>> Setting "Virus Scanners = esets" doesn't work either
>>>
>>> Can anyone reproduce?
>>>
>>> Thanks
>>>
>>> Alex
>>
>> Alex, is virus.scanners.conf correct for its path ?
>
> Hi [ UxBoD ]
>
> After MS recognizes Eset, it doesn't catch an Eicar.zip, which
> clamavmodule does.
It certainly works for me.
Set
Virus Scanners = esets
in MailScanner.conf, and make sure the "esets" line in
virus.scanners.conf ends with "/usr/sbin".
Then do
MailScanner --lint
and in the output you should see some text like this:
===========================================================================
Virus Scanner test reports:
esets said "Found virus Eicar test file in eicar.com"
If you get that, everything should be okay. You should also find that if
you put an Eicar.zip in /tmp and run this next command, it should print
a line of output about it:
/usr/lib/MailScanner /usr/sbin -arch --all -b --subdir
--action-on-uncleanable accept /tmp/*
> In "esets_wrapper" you've chosen to use esets_scan which doesn't speak
> to the daemon but has to load the signatures every time its called and
> is extremely slow.
How would I talk to the daemon? I haven't read much about esets apart
from how to drive the client program and ensure the output format is
usable and consistent.
> Seems we're still missing something. What OS did you use to test the
> wrapper & co?
I tested it on RHEL 4 and 5, and it didn't show any signs of behaving
badly on anything else.
What Uxbod tested it on, I don't know :-)
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list