Is it possible to run TWO resident protection tasks automatically (instead of only the default)?
My reason for asking is that I would like to have the standard shield run with ‘normal’ settings (for performance reasons), except in the directory where my mailserver runs, where I would like it to scan all files for open, create, modify, execution etc.
The solution would seem to be, to create two resident protection tasks, where the one has ‘normal’ settings and an exclusion “\mailsrv*”, and the other only tests the “\mailsrv” directory (but all files).
(Running with the ‘all files’ setting in standard shield for the whole system, slows my server down too much.)
Sorry, this is not possible. What you’re requesting is basically the ability to set the scan params on a per folder (or per file) basis, which is simply not supported…
BTW what mail server are you using? It’s often possible to set it up to scan mail traffic on its own…
Yes, it has the ability to run a virusscanner from a command-file (in this case, ashCmd), and it even has an interface available to run Avast. However,
[*]running ashCmd every time an email comes in, is not nearly as efficient as using a task that’s already running, and[*]they charge way too much (for my wallet, in any case for their interface.
That said, I guess I’ll use ashCmd after all.
Ok, so now I’m doing the virus-scan with ashCmd. It’s invoked by my email server, which is running as a service.
I defined the task ‘vpop3’ which scans the folder my email server puts attachments into. I have excluded that directory from the standard shield in the resident protection task. I selected save results and no alerts for the task.
I used the command
ashCmd /@=vpop3
then I get the following error message in my email server’s logfile: Error m_Screen.Initialize - initialization of class CScreen failed. Contact us with error description, please.
So I figured, it’s probably because it’s running from a service, with no access to the display. I saw the option "/" being about input/output from STDIN/STDOUT (standard in, standard out), and figured this might be the answer:
ashCmd.exe / /@=vpop3
That was it, it worked. So far so good.
However, the task ran, and produced the following output to STDOUT (which I redirected to a file):
Bugs:
[*]Even though I selected ‘store results’ in the task definition, the Enhanced interface has no session log.[*]I got two alerts sent to me (one for each of the two infected attachments), even though I have not selected any of the alerts for this task! I do have an alert defined, which sends me email, but I have not associated it with the ‘vpop3’ task. Strange![*]the total scan time reported seems a bit high
Even though I selected 'store results' in the task definition, the Enhanced interface has no session log.
Should be fixed.
I got two alerts sent to me (one for each of the two infected attachments), even though I have not selected any of the alerts for this task! I do have an alert defined, which sends me email, but I have not associated it with the 'vpop3' task. Strange!
Well isn’t it a global alert (the one set up in the Settings dialog)? That one is not bound to a particular task, it’s effective for every task… Or you do have the alert only in an object in the Alerts folder?