What is the Enable real-time AV?
Question asked by Opt-Out - 3/7/2015 at 5:02 PM
Unanswered
What is the purpose of the [x] Enable real-time AV option under Antivirus Administration?
When it's enabled how is the quarantine directory used?
How is the delete or inform sender option "Action" initiated?
 
Does anyone have any real world examples of this feature in use and working?
There doesn't seem to be any useful information in Smartertools help about this feature.

6 Replies

Reply to Thread
0
Employee Replied
Employee Post
Hello Opt-Out,
 
Thanks for the inquiry. Do you have any third party applications that might suit your system needs ?  Similar products may be Avast, AVG Antivirus or other Real Time AntiVirus applications that you can configure with SmarterMail.
 
The intent on using these applications is simply allowing that application to detect and quarantine viruses and infections. You define the path to send those items for later view or removal. Please let me know if you have any other questions.
 
Thanks.
0
Opt-Out Replied
I don't see the answer :)
0
Opt-Out Replied
When enabled should the real time AV scan the spool folders?
How does smartermail function when this is enabled? How does SM know when to move an email to the quarantine? How does SM know when to inform the sender? I'm trying to determine how SM is able to work with a 3rd party antivirus using this feature. And what are the problems, if any, with real time scans of the spools?
0
Joe Wolf Replied
This option doesn't work very well. You have to increase the Command Line timeout to at least 30 seconds. On a busy server that's not acceptable to most customers and can cause huge spool counts. The only real two options are ClamAV (which is a TERRIBLE scanner) or Command Line Scanner like AVG. I've been working on the project but it's proven to be very difficult. As far as the Real Time AV I would not count on it for anything.
Thanks,
-Joe
0
Opt-Out Replied
Thanks for the input Joe. I'm baffled by the lack of documentation for the real-time option. I already have ESET File Security running as a command line scanner. That's straight forward, but there is no information about using the real-time option. I'm assuming you let your real-time scanner scan the spool, but like I said, no documentation. And to make things worse I have seen a number of comments about "never" let a real time scanner touch any smartermail folders. So lump that contradiction on top and it leaves me with an undocumented feature that I'm afraid to test.
0
Joe Wolf Replied
Never let a real time A/V scan your user domains folders or any archive folders, but you can let it scan the actual spool, but unless you have a significant spool delay time it's probably wasted resources. You would also want to exclude the ClamAV folder and the SmarterMail bayes folders.
Thanks,
-Joe

Reply to Thread