 |
|
|
|
|
 |
 |
 |
|||
|
|
MailGate Support Issues Q. How can I set up MailGate with Sophos Anti-Virus? A. To use Sophos with MailGate you will also need to install the MailGate Anti-Virus Extension. There are some particular items to note when setting up MailGate with Sophos. Please follow the guidelines below. Sophos downloads Sophos Anti-Virus (30 day trial version) can be downloaded from http://www.sophos.com/downloads/products/ Sophos documentation can be downloaded from http://www.sophos.com/support/docs/ Sophos Installation You will need to install the following options depending on the operating system you're running on the server: WinNT/2000/XP/2003 - Install Sweep for NT Win95/98/ME - Install Sweep for DOS, Sweep95 can be installed for manual scanning and for installation of Intercheck Server. Sophos should be installed according to the Sophos documentation, however there are a few exceptions noted below: Installing Sophos on the server You can perform a Central Installation if you wish to install the Intercheck Server directory (for installing and updating on-access scanning on the client machines). If you install Intercheck Client on the server, you must ensure that certain directories within MailGate are excluded from scanning:
You don't actually need to install the Sweep95 product. MailGate only uses the DOS Sweep product for scanning mail, Sweep95 can be used on the server for either a manual or scheduled sweep for viruses. To install Sweep for DOS, do the following:
Note - The MailGate Anti-Virus Manual specifies that the DOS product should be installed in the same directory as the Sweep95 product, however, the Anti-Virus Extension has since changed in that it can now accept any path to Sweep for DOS. In MailGate, click on the "Virus Scanner" extension (in the main MailGate window), select the "Executable" tab, and make sure that the Path points to the directory where the DOS Sweep application is installed. If you have installed the InterChk server directory, this will contain the setup file that the client machines will need to run. When this setup is run on a client machine, it will install Sweep with Intercheck enabled. You must not run this client setup on the server itself, instead you can perform a Local Installation (according to the Sophos documentation), but do not enable any Intercheck options. Extension Installation You'll need to make sure you have the installation file for the latest version of MailGate, you can verify this by going to the Mailgate download area and checking the current version. Once you have the current version follow the instructions below:
Win95/98/ME - Select "Sophos Sweep.exe" at the drop-down menu Updating Sophos IDE files If you have more than one directory on the server that requires the Sophos IDE files (eg. "C:\Sweep" and "C:\Program Files\Sweep95" on a Win95 install), you will need to remember to update the IDE's within both of these directories. If you don't use the Anti-Virus Extension's Auto-Update feature then you'll need to manually distribute the IDE files to all directories used by Sophos. After a copy is placed in all necessary directories, you'll need to reboot the machine. If you use the Auto-Update feature in the MailGate Anti-Virus Extension, this will download the IDE's, and then update the directories specified in the "sav_up.bat" batch file. Before using this method you'll need to edit the batch file to make sure that the IDE's get updated in the correct directories. When editing the batch file you can remove the REM statements from the beginning of the options you require, or add REM to the beginning of the statements you don't require. When the IDE's are updated via the Auto-Update feature, you don't need to reboot the machine. You may also need to change or add a directory not specified in the batch file, eg: cd\program files\interchk copy \sav_up\*.ide setup /update /ni Further details on setting up the Auto-Update feature can be found in the FAQ here. How to check if it's working The first thing to do is stop and start the MailGate service and check the log files. You can check the current log file by using the MailGate Log Viewer (click on Logging | View Logs). Starting from the bottom of the log file, scroll up until you find a line similar to the line containing "MailGate 3.4.160 service starting". An extract from a 'healthy' log file is shown below, if your log file is similar to this then the Anti-Virus Extension should be set up correctly: MGATESVC I 15:50:29 0xfff073e7 MailGate 3.4.160 service starting MGATESVC I 15:50:29 0xfff073e7 Operating system is Windows 95 4.0 build 1111 B MGATESVC I 15:50:29 0xfff073e7 virus: Extension version 1.1.30 starting MGATESVC I 15:50:29 0xfff073e7 virus: Licenced serial number 006666 MGATESVC I 15:50:29 0xfff073e7 Loaded extension Virus.dll If the log file contains something similar to the section below, then try re-installing the Anti-Virus Extension, and make sure that you select the correct option in the drop-down menu for the operating system you're using: MGATESVC I 15:50:29 0xfff073e7 MailGate 3.4.160 service starting MGATESVC I 15:50:29 0xfff073e7 Operating system is Windows 95 4.0 build 1111 B MGATESVC W 15:50:29 0xfff073e7 Unable to load extension Virus.dll, error 6666 If the log file contains something similar to the section below, then you should check that Sophos is installed correctly - for a Win95/98/ME installation, make sure that the Executable tab in the MailGate Anti-Virus Extension is pointing to the directory where the DOS Sweep executable (sweep.exe) is situated: MGATESVC I 15:50:29 0xfff073e7 MailGate 3.4.160 service starting MGATESVC I 15:50:29 0xfff073e7 Operating system is Windows 95 4.0 build 1111 B MGATESVC I 15:50:29 0xfff073e7 virus: Extension version 1.1.30 starting MGATESVC I 15:50:29 0xfff073e7 virus: sweep.exe not present in c:\sweep, scanning inactive MGATESVC I 15:50:29 0xfff073e7 Failed to initialise extension Virus.dll, not loaded You can always create a test virus (which is 100% benign, but will be picked up as a virus by Sophos). The test virus will have to be sent from a machine which doesn't have Intercheck enabled, otherwise Sophos will not allow you to send it. For information on this, check out http://www.sophos.co.uk/virusinfo/articles/eicar.html NT/2000/XP/2003 only - To check if mail sent through MailGate is being scanned by Sophos, do the following: In the Sophos Sweep application, select the SAVI tab and make sure there's a red light next to the MailGate option, then click on the MailGate option. At the bottom of the SAVI tab, check the count for "Items swept", "Viruses detected" and "errors". You should find that even if an e-mail with an attachment is sent without a virus, the "Items swept" count should increase.  Return To FAQ |
 |
|
|
