SUMMARY
Instructions for configuring Grisoft AVG Antivirus with MailEnable as an antivirus plug-in.
OVERVIEW
AVG 6.0 antivirus is a virus solution with 4 different versions. This information is based on AVG Professional (single edition).
DETAIL
From versions 1.54 (and later) of MailEnable Professional Edition and 1.03 of MailEnable Enterprise Edition, antivirus scanning has been changed to act as a filter.
Step 1: Configuring the antivirus program:
1. Install AVG antivirus application onto the same server that has MailEnable installed
2. Ensure that any resident or real-time protector capabilities of the antivirus application have been disabled (or all the MailEnable directories have been excluded from being protected by the software).
As a general rule, consider the following:
- Exclude MailEnable "Queues" and the "Config" Directories from the resident/real-time monitoring.
- Disable the resident/real-time monitor if exclusion of MailEnable directories is not possible within the antivirus application.
3. Open the MailEnable Administration program. Expand the Servers > Local host > Filters branch, select the 'MailEnable Message Filter' icon, then select the MailEnable Antivirus Filter item in the list which appears on the right side panel.
4. Select "Grisoft AVG" from the list of available antivirus applications.
5. Make sure that the "Enable" (or "Enable selected antivirus") is selected. It is possible to enable more than one antivirus application on the server, but this will affect the number of messages that can be scanned over a period of time.
6. Ensure that the correct program path to the command line virus scanner has been specified. Select the Options button to change this. Also ensure that the scratch directory exists. This directory is used to unpack the message as it is scanned for viruses.
7. Save changes.
8. Stop the MTA service.
9. Start the MTA service.
Make sure virus definition files are being updated. See the antivirus documentation for information on how to do this. Some antivirus applications specifically require Administrative privileges to run. Since the MTA runs under the LocalSystem account, change this to an account with Administrative privileges. Open the Services control panel applet. For the "MailEnable Mail Transfer Agent" service, change the user account it runs under to a Windows user account that has Administrative rights (i.e. a member of the Administrators group).
Step 2: Creating an antivirus filter
To enable antivirus filtering requires the creation of a filter in the MailEnable Administration program that detects when the message contains a virus and deletes the message or quarantines it, notifies sender, etc.
To create an antivirus filter:
1. Open the MailEnable Administration Program
2. Right click on the Messaging Manager>Filters branch and create a new filter.
3. In the name field enter something like "Antivirus Filter" (without the quotes).
4. Having created the filter, edit the criteria for the filter as follows:
5. Check the criteria "Where the message contains a virus"
6. Create the actions that are
undertaken when the virus is detected. E.g. Copy the message to the Quarantine
directory or Delete Message
MTA
Threads
The Mail Transfer Agent can be set to run in
multiple occurrences or multiple threads. This setting allows a command line
scanner to run several times concurrently allowing a greater pass through
of mail checking. The default settings for the number of concurrent MTA
transfer threads are 64, however it is fairly common in high volumes of
processed mail that the antivirus program does not handle this well and can often
fail. AVG is such a program and in our testing we discovered that the
program is required to be set to 1 thread.
The default
threads can be changed in the MTA properties:
1. Go to Agents >
MTA
2. Right click MTA agent and select Properties
3. Change maximum threads to
1
Testing antivirus configuration
Test the configuration by emailing yourself the Eicar test virus from http://www.eicar.com. To perform more advanced testing and debugging, follow the details in this knowledge base article: http://www.mailenable.com/kb/content/article.asp?ID=ME020085
MORE INFORMATION
MailEnable antivirus overview: http://www.mailenable.com/kb/content/article.asp?ID=ME020389
Which antivirus solution to use with MailEnable: http://www.mailenable.com/kb/content/article.asp?ID=ME020144
Debugging the anti-virus
support and the Mail Transfer Agent: Article ME020121
REFERENCES
AVG Antivirus virus definition update site: http://www.grisoft.com/us/us_updt7.php
Product: | MailEnable (Pro-Any Pro-1.X Ent-Any Ent-1.X) |
Article: | ME020286 |
Module: | MTA Filtering |
Keywords: | Antivirus,AVG,configuring,grisoft,avg,anti-virus,av,a/v |
Class: | HOWTO: Product Instructions |
Revised: | Wednesday, May 4, 2016 |
Author: | MailEnable |
Publisher: | MailEnable |