Esets AV nor recognized by MailScanner
Alex Broens
ms-list at alexb.ch
Thu Apr 17 21:59:40 IST 2008
On 4/17/2008 8:00 PM, Julian Field wrote:
>
>
> Alex Broens wrote:
>> On 4/17/2008 1:41 PM, --[ UxBoD ]-- wrote:
>>>> Using latest MS release and Esets AV (ex Nod32) on a test box.
>>>>
>>>> "Virus Scanners = auto" doesn't recognize
>>>> "# esets from www.eset.com"
>>>>
>>>> Setting "Virus Scanners = esets" doesn't work either
>>>>
>>>> Can anyone reproduce?
>>>>
>>>> Thanks
>>>>
>>>> Alex
>>>
>>> Alex, is virus.scanners.conf correct for its path ?
>>
>> Hi [ UxBoD ]
>>
>> After MS recognizes Eset, it doesn't catch an Eicar.zip, which
>> clamavmodule does.
> It certainly works for me.
> Set
> Virus Scanners = esets
> in MailScanner.conf, and make sure the "esets" line in
> virus.scanners.conf ends with "/usr/sbin".
> Then do
> MailScanner --lint
> and in the output you should see some text like this:
>
> ===========================================================================
> Virus Scanner test reports:
> esets said "Found virus Eicar test file in eicar.com"
all mine shows is
Apr 17 16:14:21 mst1 MailScanner[5743]: Virus Scanning: esets found 2
infections
but no detail
>
> If you get that, everything should be okay. You should also find that if
> you put an Eicar.zip in /tmp and run this next command, it should print
> a line of output about it:
> /usr/lib/MailScanner /usr/sbin -arch --all -b --subdir
> --action-on-uncleanable accept /tmp/*
lemme try that
>> In "esets_wrapper" you've chosen to use esets_scan which doesn't speak
>> to the daemon but has to load the signatures every time its called and
>> is extremely slow.
> How would I talk to the daemon? I haven't read much about esets apart
> from how to drive the client program and ensure the output format is
> usable and consistent.
using "esets_cli" speak to the daemon instead of esets_scan
>> Seems we're still missing something. What OS did you use to test the
>> wrapper & co?
> I tested it on RHEL 4 and 5, and it didn't show any signs of behaving
> badly on anything else.
If you want to take a look on my box, I can give you access.
Alex
More information about the MailScanner
mailing list