GData Virus scan implementation based on WHS 2011 example

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Singlebit
New user
New user
Posts: 6
Joined: 2011-12-06 11:55

GData Virus scan implementation based on WHS 2011 example

Postby Singlebit » 2011-12-06 12:26

Hello,

since it took me some time to got the GData Internet Security for HomeServer integrated into the hmailserver I would like to share my solution with others in case they want to do the same thing.

Since the GData command line scanner is not supporting return codes I found another way to use it in hmailserver.

First you need to create a small batch script (I named it "virusscan.bat") and you place it where you want (Adjust the SCANBINARY value to your environment).

virusscan.bat

Code: Select all

@echo off
SETLOCAL ENABLEDELAYEDEXPANSION
set FILE=%1
set LOGFILE=%FILE%.scan.log
set MAXBYTESIZE=10
set SCANBINARY="C:\Program Files (x86)\G DATA\AVKClient\avkcmd.exe"
set RC=0
set INFECTEDSTRING=Infected

%SCANBINARY% /scan(e0a0):%FILE% /silent /nologo /noprogress /log(t0h0i0):%LOGFILE%

FOR /F "usebackq" %%A IN ('%LOGFILE%') DO set SIZE=%%~zA

if %SIZE% LSS %MAXBYTESIZE% (
    echo.Virus scanner did not find a virus or generated a message or warning.
) ELSE (
    echo.Virus scanner find a virus or generated a message or warning.
    echo.Checking if a real virus was found or only a message or warning was generated.
    for /f %%a in ('type %LOGFILE%') do (
        set s=@@@%%a
        if "%s%"=="!s:@@@%INFECTEDSTRING%=!" (
            echo.Virus found. "%LOGFILE%" contains an entry which begins with "%INFECTEDSTRING%".
            set RC=1
        )
    )
)

if "%RC%" == "0" (
    echo.No virus found.
    del %LOGFILE%
)

exit %RC%


This script is doing the actual scan.
It will call the GData virus scanner and in case the scanner writes entries in a log file (This is the case in case of a virus has been found or in case a file could not be opened or in case of other messages) it will check if it finds entries starting with the word "Infeced" which indicates a virus message.
In case of a virus was found it will not delete the LOGFILE but you can change this if you want :).

In the hmailserver Anti-Virus scanner executable you need then just to specify (Place the double quotes exactly as shown):

Code: Select all

"<PATH TO THE SCRIPT>\virusscan.bat" %FILE%

and Return value should be 1.

I know that the script might not be perfect and could be enhanced but for me it does what it should.

Good luck.

Cheers,

Singlebit

Return to “General discussions”



Who is online

Users browsing this forum: pete671 and 1 guest