Using Norton Antivirus Corporate Edition (NAVCE v 6.0 and 7.0) with MailEnable
SUMMARY
How to correctly setup Norton Antivirus Corporate Edition with MailEnable's MTA (Professional and Enterprise Edition) and which folders need to be excluded if the resident shield is to be used.
DETAIL
Only Corporate Editions of Norton (NAVCE), now distinguished from Personal Editions as Symantec (SAV), ship with the VSCAND program. Command line virus checking is not a part of any personal editions. MailEnable requires the VSCAND command line virus checking program.
Instructions for integrating NAVCE with MailEnable follow:
- Make a directory on the server and copy the files from the following directory or CD 2 of NAVCE to it:
navcorp\rollout\avserver\clients\dos
Step 1: Configuring the antivirus program:
1. Install the NAVCE antivirus application onto the same server that has MailEnable installed
2. Ensure that any resident or real-time protector capabilities of the antivirus application have been disabled (or all the MailEnable directories have been excluded from being protected by the software).
As a general rule, consider the following:
- Exclude MailEnable "Queues" and the "Config" Directories from the resident/real-time monitoring.
- Disable the resident/real-time monitor if exclusion of MailEnable directories is not possible within the antivirus application.
3. Open the MailEnable Administration program. Expand the Servers > Local host > Filters branch, select the 'MailEnable Message Filter' icon, then select the MailEnable Antivirus Filter item in the list which appears on the right side panel.
4. Select "Norton Antivirus" from the list of available antivirus applications.
5. Make sure that the "Enable" (or "Enable selected antivirus") is selected. It is possible to enable more than one antivirus application on the server, but this will affect the number of messages that can be scanned over a period of time.
6. Ensure that the correct program path to the command line virus scanner has been specified. Select the Options button to change this. Also ensure that the scratch directory exists. This directory is used to unpack the message as it is scanned for viruses.
7. Save changes.
8. Stop the MTA service.
9. Start the MTA service.
Make sure virus definition files are being updated. See the antivirus documentation for information on how to do this. Some antivirus applications specifically require Administrative privileges to run. Since the MTA runs under the LocalSystem account, change this to an account with Administrative privileges. Open the Services control panel applet. For the "MailEnable Mail Transfer Agent" service, change the user account it runs under to a Windows user account that has Administrative rights (i.e. a member of the Administrators group).
Step 2: Creating an antivirus filter
To enable antivirus filtering requires the creation of a filter in the MailEnable Administration program that detects when the message contains a virus and deletes the message or quarantines it, notifies sender, etc.
To create an antivirus filter:
1. Open the MailEnable Administration Program
2. Right click on the Messaging Manager>Filters branch and create a new filter.
3. In the name field enter something like "Antivirus Filter" (without the quotes).
4. Having created the filter, edit the criteria for the filter as follows:
5. Check the criteria "Where the message contains a virus"
6. Create the actions that are undertaken when the virus is detected. E.g. Copy the message to the Quarantine directory or Delete Message
NAVCE requires Administrative privileges to run. Since the MTA runs under the
LocalSystem account, change this to an account with Administrative privileges.
Open the Services control panel applet. For the "MailEnable Mail Transfer Agent"
service, change the user account it runs under to a Windows user account that
has Administrative right (i.e. a member of the Administrators
group).
Configure NAVCE to ignore the MailEnable directories for scanning
(either resident or scheduled) as they will cause problems with the scan. If the
data and program files for MailEnable are in different directories,
remember to exclude both of them from NAVCE scanning.
Restrict the MTA service to one
thread. This can be done by downloading the registry file from
here, extracting and double clicking the RestrictMTA.reg file. This will
restrict the MTA to process and virus-check one email at a time. If you need to
set the amount of threads to the default, you can use the DefaultMTA.reg from
the archive.
Testing antivirus configuration
Test the configuration by emailing yourself the Eicar test virus from http://www.eicar.com. To perform more advanced testing and debugging, follow the details in this knowledge base article: Article ME020085
MORE INFORMATION
MailEnable antivirus overview: Article ME020389
Which antivirus solution to use with MailEnable: Article ME020144
Debugging the anti-virus support and the Mail Transfer Agent: Article ME020121
Advanced testing and debugging of antivirus: http://www.mailenable.com/kb/content/article.asp?ID=ME0200085
Configuring Norton Antivirus Corporate Edition with MailEnable: http://www.mailenable.com/kb/content/article.asp?ID=ME020277
| Product: | MailEnable (Pro-Any Pro-1.X Ent-Any Ent-1.X) |
| Category: | Configuration |
| Article: | ME020086 |
| Module: | MTA Filtering |
| Keywords: | Norton,VSCAND,MTA,filtering,Eicar,antivirus,anti-virus,anti,virus,nortons |
| Class: | HOWTO: Product Instructions |
| Created: | 12/03/2003 1:18:00 AM |
| Revised: | Wednesday, May 4, 2016 |
| Author: | MailEnable |
| Publisher: | MailEnable |
- Mail Server
- Overview
- Features
- Comparisons
- Solutions
- Product Editions
- Feature Matrix
- Webmail Demo
- Video Gallery
- Migrate To MailEnable
- Testimonials