CommuniGate Pro

McAfee VirusScan* Plugin for CommuniGate Pro

* VirusScan is a registered trademark of Network Associates and/or its affiliates in the US and other countries.

Note: The McAfee AntiVirus Plugin is available only for some platforms supported with the CommuniGate Pro server software. Before you order the McAfee Plugin License, make sure that the available versions of the Plugin software run on your CommuniGate Pro Server platform.

Note: The McAfee AntiVirus Plugin requires CommuniGatePro version 5.2.3 or later.

Download the McAfee Plugins

McAfee antivirus plugins are available for certain platforms only.
Operating System CPU Download
via
http		 via
ftp
Sun Solaris 8, 9 & 10 Sparc
Sun Solaris 10 x86
Microsoft Windows NT/2000/XP
Microsoft Windows 95/98		 x86
Linux
Kernel 2.4 & 2.6 (stdc++ library version = 5.0)		 x86
Linux
Kernel 2.6 (stdc++ library version = 6.0)		 x86_64
IBM AIX PowerPC
Apple MacOS X (Darwin)
version 10.4.x and greater		 UB (PowerPC+Intel)
FreeBSD 6.x x86

The current version of the Plugin is 4.0

The current version of the McAfee Antivirus Engine is 5.3.00.

The previous version is available:
Operating System CPU Download Note
via
http		 via
ftp
IBM OS/400 AS/400 Power Will be released soon
HP/UX HPPA Will be released soon
SCO UnixWare Intel Discontinued by McAfee
Linux IBM S/390 call call Discontinued by McAfee
FreeBSD 4.x x86 Discontinued

Installing on a MS Windows 200x/NT/XP/9x System.

Installing on a Sun Solaris System.

Installing on a Linux System.

Installing on a Linux IBM S/390 System.

Installing on a FreeBSD System.

Notes on FreeBSD 5.x installation:

You may be able to run FreeBSD 4 version under FreeBSD 5 if you perform the following actions:

Installing on an AIX System.

Installing on an HP/UX System.

Installing on a SCO UnixWare System.

Installing on a MacOS X (Darwin) System.

Note: There's an alternative way to install it from Terminal program using this command:  
installer -pkg ./CGPMcAfee.pkg -target /

Installing on an IBM OS/400 System.

Note! This software works only on OS/400 ® V5R1M0 and later releases.

These instructions assume:

  • you have a PC connected to iSeries (AS/400 ) via network;
  • OS/400 FTP server is up and running.

    • Upgrading to a newer version.

    When upgrading the Plugin to a newer version, do the following steps:

    Testing the antivirus Plugin.

    On Windows System:

    On a Unix System:

    Note: If in a Unix system the CGPMcAfee/CGPMcAfee program fails to start because some library is missing in your OS setup, try launching CGPMcAfee/CGPMcAfee-static program if one presents.

    Command Line Options

    The McAfee Plugin supports the following command-line options (parameters):

    --noHeuristic or -h
    This option tells the Plugin not to perform the heuristic analysis used to find new, unknown viruses. The option may be useful if some new virus crashes or slows down the McAfee virus scanning engine.

    --noMacros or -m
    This option tells the Plugin not to scan messages for macro viruses.

    --noDecompress or -d
    This option tells the Plugin not to decompress archives and packed executable files before scanning.

    Integrating the antivirus Plugin with CommuniGate Pro.

    Please check the VirusScan section of the CommuniGate Pro manual.

    Open the General page in the Settings section of the WebAdmin Interface and click the Helpers link. Create the Helper as follows:

    Content Filtering
    Log Level: Program Path:
    Time-out: Auto-Restart:
    Note: For Windows system the Program Path shold be CGPMcAfee\CGPMcAfee.exe
    Note: On some versions of FreeBSD system you may need to specify the full path to the program, i.e. /var/CommuniGate/CGPMcAfee/CGPMCAfee

    The recommended Scanning Rule is as follows:

    Data Operation Parameter
    Action Parameter

    Note: It's not recommended to scan small messages (less than 2K) because they are unlikely to contain viruses.

    Note: If you run the unlicensed version of the plugin you're limited to one message per hour. Therefore you must not scan all messages because this will just block the mail flow. If you want to see how the plugin catches viruses, then in the Scanning Rule you should specify more conditions in order to apply the ExternalFilter action only to messages from certain sender (from you) and with certain subject.

    Updating the virus definitions database.

    The database

    The virus definitions database is several .dat files in avvdat subdirectory. You can update them manually by downloading addvat-nnnn.zip file from http://update.nai.com/Products/CommonUpdater/.

    How you can automete the updates:

    Upon restart, the Plugin creates the Updates subdirectory in its current directory. Before scanning a message it checks for the Updates/update.sig file (the "signal file") presence. When the Plugin detects the signal file, it checks if the .dat files in that directory are valid, moves them from Updates into avvdat and erases all files in the Updates subdirectory. This allows you to avoid stopping the plugin when you update the .dat files.

    Updating the virus definitions database manually:

    Using incremental updates:

    The updateDatFiles program supports the following command-line options (parameters):

    --verbose or -v
    This option tells the Plugin not to print more detailed output.

    --base or -b
    This option specifies the plugin directory.

    --host or -h
    This option specifies McAfee FTP server name.

    --path or -p
    This option specifies the directory name in McAfee update server.

    Example:
    CGPMcAfee/updateDatFiles -v -b /var/CommuniGate/CGPMcAfee/ -h update.nai.com -p http://update.nai.com/Products/CommonUpdater


    To automate the launching of the updateDatFiles.exe on Windows system you can use the Windows' "Scheduled Tasks Manager" service.

    To automate the launching of the updateDatFiles on Unix systems you can use cron daemon, see more info in 'man cron' and 'man 5 crontab' output.
    The recommended crontab entry is as follows:

    #minute hour    mday    month   wday    who     command
0       3,15    *       *       *       root    /etc/periodic/McAfeeUpdate.sh
#launch the update at 3am and 3pm every day
    The /etc/periodic/McAfeeUpdate.sh script is as follows:
    #!/bin/sh
#
# Update McAfee virus definitions

MCAFEE_DIR=/var/CommuniGate/CGPMcAfee/
UPDATE_CMD=/var/CommuniGate/CGPMcAfee/updateDatFiles
MAILER_CMD="/usr/bin/mail -s 'cron: McAfee Update Report'"
REPORT_ADR="postmaster"

( \
if [ -d ${MCAFEE_DIR} ]; then
  cd ${MCAFEE_DIR}
  if [ -x ${UPDATE_CMD} ]; then
    ${UPDATE_CMD} 2>&1
    if [ ${?} -ne 0 ]; then
      echo "The command failed; retrying..\n"
      ${UPDATE_CMD} 2>&1
    fi
  else
    echo "Update command ${UPDATE_CMD} is not found."
  fi
else
  echo "Directory ${MCAFEE_DIR} is not found."
fi
) | eval ${MAILER_CMD} ${REPORT_ADR}

    For Windows you can use the following .bat file and launch it from the Task Scheduler: 

    @echo off
c:
cd \Communigate Fles\CGPMcafee
updateDatFiles.exe -v > update.log

    Note: The incremental updates are possible only if your current virus definitions database is not more than 15 days old. Otherwise you need to perform the full update, the updateDatFiles program will download the addvat-nnnn.zip for you but you will need to unzip it and create the signal file nanually. You normally need to do that only once when you start the Plugin for the first time, then you can continue with incremental updates.

    Configuring the Plugin.

    On startup the McAfee Plugin reads the contents of the CGPMcAfee.cfg file from the current directory. The format of the file data elements is described in http://www.communigate.com/CommuniGatePro/Data.html. The description of the data elements you may find in the CGPMcAfee.cfg file. The default CGPMcAfee.cfg is available here.

    It is safe to view and edit the CGPMcAfee.cfg file while the Plugin is running. After you have made changes to the CGPMcAfee.cfg, you should do one of the following:

    Evaluating the required license type.

    The McAfee License limits the number of messages the Plugin can scan within any 60 minute period of time. If the E-mail traffic exceeds the licensed limit, the Plugin suspends the CommuniGate Pro Queue processing module. Without the license you are limited to 1 message per hour.

    To evaluate the required license type: 

    #!/usr/bin/perl
$|=1;
my $count=0;

while(<STDIN>) {
  chomp;
  @line = split(" ");
  if ($line[1] eq "FILE") { $count++; }
  print $line[0] . " OK " . $count . " messages scanned.\n";
}
    CommuniGate® Pro Guide. Copyright © 1998-2008, Stalker Software, Inc.