Instructions for configuring Grisoft AVG Antivirus with MailEnable as an antivirus plug-in.
AVG 6.0 antivirus is a virus solution with 4 different versions. This information is based on AVG Professional (single edition).
From versions 1.54 (and later) of MailEnable Professional Edition and 1.03 of MailEnable Enterprise Edition, antivirus scanning has been changed to act as a filter.
Step 1: Configuring the antivirus program:
1. Install AVG antivirus application onto the same server that has MailEnable installed
2. Ensure that any resident or real-time protector capabilities of the antivirus application have been disabled (or all the MailEnable directories have been excluded from being protected by the software).
As a general rule, consider the following:
- Exclude MailEnable "Queues" and the "Config" Directories from the resident/real-time monitoring.
- Disable the resident/real-time monitor if exclusion of MailEnable directories is not possible within the antivirus application.
3. Open the MailEnable Administration program. Expand the Servers > Local host > Filters branch, select the 'MailEnable Message Filter' icon, then select the MailEnable Antivirus Filter item in the list which appears on the right side panel.
4. Select "Grisoft AVG" from the list of available antivirus applications.
5. Make sure that the "Enable" (or "Enable selected antivirus") is selected. It is possible to enable more than one antivirus application on the server, but this will affect the number of messages that can be scanned over a period of time.
6. Ensure that the correct program path to the command line virus scanner has been specified. Select the Options button to change this. Also ensure that the scratch directory exists. This directory is used to unpack the message as it is scanned for viruses.
7. Save changes.
8. Stop the MTA service.
9. Start the MTA service.
Make sure virus definition files are being updated. See the antivirus documentation for information on how to do this. Some antivirus applications specifically require Administrative privileges to run. Since the MTA runs under the LocalSystem account, change this to an account with Administrative privileges. Open the Services control panel applet. For the "MailEnable Mail Transfer Agent" service, change the user account it runs under to a Windows user account that has Administrative rights (i.e. a member of the Administrators group).
Step 2: Creating an antivirus filter
To enable antivirus filtering requires the creation of a filter in the MailEnable Administration program that detects when the message contains a virus and deletes the message or quarantines it, notifies sender, etc.
To create an antivirus filter:
1. Open the MailEnable Administration Program
2. Right click on the Messaging Manager>Filters branch and create a new filter.
3. In the name field enter something like "Antivirus Filter" (without the quotes).
4. Having created the filter, edit the criteria for the filter as follows:
5. Check the criteria "Where the message contains a virus"
6. Create the actions that are
undertaken when the virus is detected. E.g. Copy the message to the Quarantine
directory or Delete Message
The Mail Transfer Agent can be set to run in multiple occurrences or multiple threads. This setting allows a command line scanner to run several times concurrently allowing a greater pass through of mail checking. The default settings for the number of concurrent MTA transfer threads are 64, however it is fairly common in high volumes of processed mail that the antivirus program does not handle this well and can often fail. AVG is such a program and in our testing we discovered that the program is required to be set to 1 thread.
The default threads can be changed in the MTA properties:
1. Go to Agents > MTA
2. Right click MTA agent and select Properties
3. Change maximum threads to 1
Testing antivirus configuration
Test the configuration by emailing yourself the Eicar test virus from http://www.eicar.com. To perform more advanced testing and debugging, follow the details in this knowledge base article: http://www.mailenable.com/kb/content/article.asp?ID=ME020085
MailEnable antivirus overview: http://www.mailenable.com/kb/content/article.asp?ID=ME020389
Which antivirus solution to use with MailEnable: http://www.mailenable.com/kb/content/article.asp?ID=ME020144
Debugging the anti-virus
support and the Mail Transfer Agent: Article ME020121
AVG Antivirus virus definition update site: http://www.grisoft.com/us/us_updt7.php
|Product:||MailEnable (Pro-Any Pro-1.X Ent-Any Ent-1.X)|
|Class:||HOWTO: Product Instructions|
|Revised:||Wednesday, May 4, 2016|