Re: [Exim] Re: exiscan and aveserver (kaspersky 5)

Top Page
Delete this message
Reply to this message
Author: Giolla Decair
Date:  
To: Tom Kistner
CC: exim-users
Subject: Re: [Exim] Re: exiscan and aveserver (kaspersky 5)
Tom Kistner may one day have said:
> I'm working on it.
> Nick wrote:
> > SCAN - [options] <full_path_to_file>
> Isn't there an option to pass a directory instead of a file that is then
> scanned recursively?


Not as such for the aveclient:
$ /usr/local/share/kav/bin/aveclient -h
Command-line aveserver client version 5.0.3.2/RELEASE
Copyright (C) Kaspersky Lab, 1997-2004

Usage: /usr/local/share/kav/bin/aveclient -p socket_path [extra
options] [file1] [file2] ...
   -h       Show this help message and exit
   -v       Show version and exit
   -q       Do not show non-error messages
   -u       Try to cure files while scanning
   -s       Do scanning the files for viruses
   -c       Do checking aveserver connection and querying the data
   -p<path> Specify the path to aveserver socket. Required param.


Though you can spcify a wild card, I currently use a little shell
script as follows:
#!/bin/sh
KAV=/usr/local/share/kav/bin/aveclient
SOCKET=/var/run/aveserver
$KAV -p $SOCKET -s $1/* | grep 'INFECTED ' | sed 's/D /D: /;s/^L//'
which is fine for a low volume site like mine, I then specify:
av_scanner = cmdline:/usr/local/share/kav/bin/kavexim.sh %s: INFECTED:
::(.+)$

in my exim config file.

--
Giolla Decair
              "Missed it
               the moment to join in the laugh" - George Marsh