How to enable anti-virus integration

Anti-virus integration, when enabled, makes AfterLogic XMail Server pass every e-mail as a file to the anti-virus scanner. AfterLogic XMail Server uses command line interface for this. Thus, the anti-virus scanner must support calling it from the command-line to scan the specified e-mail file and return the integer code (for instance, 1=infected or 0=normal) back to the caller.

AfterLogic XMail Server then adds X-Virus-Header to the infected e-mails. When the user checks mail in WebMail interface, WebMail module moves such e-mails into Quarantine folder of the user.

Currently, the anti-virus integration has been tested with the following anti-virus programs: AVG, McAfee, ClamAV. However, if you're using another anti-virus program which can be called from the command line, it should work too.

Some anti-virus programs do include command-line scanner out-of-box but such application can usually be found on their web sites.

The step-by-step guide follows (it assumes you have installed AfterLogic XMail Server into the default location).


1. Open the following file in a text editor:

Windows:

C:/Program Files/AfterLogic XMail Server/MailRoot/filters/axav.ini

Linux/Unix:

/var/MailRoot/filters/axav.ini


2. Find [XMail AntiVirus Filter] section (if it's missing, add it).

It contains fields which let AfterLogic XMail Server know where it can find the anti-virus filter executable and how to pass parameters to the selected anti-virus.


3. You can add anti-virus scanner definition as below:

AntivirusPath=FOLDER_AND_FILENAME_OF_INSTALLED_ANTI_VIRUS_SCANNER_EXECUTABLE AntivirusCommand=command line parameters. "%s" means the e-mail message file to be scanned. AntivirusReturn=integer return code value returned by ANTI_VIRUS_SCANNER_EXECUTABLE for infected e-mail files.

AntivirusPath example (Windows):

C:\Program Files\McAfeeVirusScanCommandLine\scan.exe

AntivirusPath example (Linux):

/usr/local/clamAV/clamscan

Note that only a single anti-virus scanner can be enabled. You cannot use different anti-virus scanners simultaneously.

Examples:

Your XMail AntiVirus Filter section in axav.ini may look like below (";" or "#" as the first character on the line means comments).

[XMail AntiVirus Filter]

; Example 1: McAfee VirusScan Command Line Scanner
AntivirusPath=C:\Program Files\McAfeeVirusScanCommandLine\scan.exe
AntivirusCommand="%s" /NOBEEP /SILENT
AntivirusReturn=13

; Example 2: ClamAV
AntivirusPath=C:\Program Files\clamAV\clamscan.exe
AntivirusCommand="%s" --quiet
AntivirusReturn=1


; Example 3: AVG
AntivirusPath=C:\Program Files\AVG\AVG8\avgscanx.exe
AntivirusCommand=/scan="%s"
AntivirusReturn=5