14.3  Examples of configuration of external antivirus modules

Kerio MailServer supports several external antivirus programs for Windows, Mac OS X and Linux operating systems from different vendors (e.g. NOD32, Grisoft, Sophos Antivirus, etc.). For the most current list of supported antivirus vendors refer to the Kerio Technologies website at http://www.kerio.com/.

Here, you can find notes on peculiarities and possible configurations of external antivirus applications:

Symantec Scan Engine

One of the supported antivirus applications is Symantec Scan Engine by Symantec. Since Kerio MailServer 6.1.2, the traffic protocol for communication between Kerio MailServer and Symantec Scan Engine versions 4 and 5 has been changed. The applications now use ICAP instead of the Native protocol. For this reason, it is necessary to switch the protocol using the  Configuration → Protocol → ICAP option in the SAVSE settings..

Clam AntiVirus

Kerio MailServer supports Clam AV for Linux, Mac OS X and Windows.

Warning

Clam AV is available in two basic versions for Windows, but only Clam AV for Windows can be used (aka ClamAV-win32). Version ClamWin Antivirus is not supported by Kerio MailServer). Clam AV for Windows can be downloaded for free at http://www.sosdg.org/.

To make cooperation of Clam AV with Kerio MailServer function properly, the following requirements must be met:

  • Communication of the antivirus and Kerio MailServer must be maintained over a network socket (this can be set in the antivirus configuration file).

  • In the Kerio MailServer's administration console (Configuration → Content Filter → Antivirus → the Options button) in the antivirus settings (see figure 14.2  Options for Clam AntiVirus), set an IP address and a port for traffic. If Clam AV is running on the same computer as Kerio MailServer, it is not necessary to change default settings.

  • On Linux operating systems, Kerio MailServer is always running under the root user. If Clam AV is installed on the same computer as Kerio MailServer but it is running under another user, the UseStreamOutLocalhost item in the antivirus configuration in the administration console (Configuration → Content Filter → Antivirus → the Options button) must be set to the 1 value.

Options for Clam AntiVirus

Figure 14.2. Options for Clam AntiVirus


Note: Updates of the virus database must be set by using the Freshclam utility.