[Exim] Re: exiscan and aveserver (kaspersky 5)

I've got it on Russian... and translate as I can (sorry)
part1
------------------------------------------------------

After 'telnet -u /var/run/aveserver'
the server must answer

201 15446 4 1 13022004 81689 5.0.2.0/RELEASE

where:

201 - message type
15446 - connection counter
4 1 - (don't known)
13022004 - ddmmYYYY
81689 - base entry counter
5.0.2.0/RELEASE - version

We must take this string.

Also we can get other answers:

401 - process limit exceeded (please increase MaxClients option)
402 - could not accept client connection
and brake connection

After getting normal string, you can send the command:

(!!! all command must be ended by "\r\n" chars)

INFO - will show first info string (see above)
NOOP - will say "200 Ok"
KEYS - show keys and last "200 Ok"
SCAN - [options] <full_path_to_file>

Options:

M/m - On/Off quick test (while first virus)
P/p - On/Off check packed files
Q/q - On/Off check archives
R/r - On/Off check selfextracted archives
S/s - On/Off check mailbases
T/t - On/Off check plain mail file
U/u - On/Off heuristic check

options for output control:

a 321 - begin of the packet
b 322 - name of virus
c 323 - message about successfull desinfection
d 324 - message about unsuccessfull desinfection
e 325 - type of file (MAIL, ZIP etc.)
f 326 - name of executable packer
g 327 - name of warning (warning - heuristic)
h 328 - name of suspicion (suspicion - heuristic)
i 329 - unknown error
j 330 - same as 321
l - try to disinfect

The aveclients default is 'xmQPRSTUWabcdefghi'.

For example: "SCAN xmQPRSTUWabcdefghi /tmp/file.eml"