Home » Kerio User Forums » Kerio Connect » AntiVirus Issues (Update to 9.2.5 so far a mess...)

Messages: 102
Karma: 7
Send a private message to this user
Hi all!

I have not posted in a long time, mainly since Kerio has been running great over the past couple of years. However, last week the old Sophos AV quit working on me. This has happened before, and the fix was pretty easy. Just stop Kerio, delete the old AV directories, and re-install Kerio. Last time I also updated Kerio when this occurred. This time was not so great.

The update, of course, changed the AV to Bitdefender from Sophos. Upon launching the AV would not work. Reading through the forums here show that maybe I just need to be patient for the AV to download it's definitions before it will scan. Problem is neither I or my users are that patient. We can't wait for the e-mail server to spend a hour waiting for this update. I waited for the update to complete last night, after almost an hour it had not downloaded from what I can tell, still no AV and no mail delivery because no AV. So I stopped AV again. We are now delivering e-mail with no AV. NOT GOOD!

So, I'm wondering if there is an interim fix for this? Turn on AV, but turn off scanning or at least let e-mail be delivered without scan, just notify admin or logs of this. Then of course scan when the downloads are complete. Here's the config file settings, not sure where to adjust to try this scenario out?

<table name="Antivir">
<variable name="AvirEnabled">0</variable>
<variable name="UsedInternal">0</variable>
<variable name="UsedPlugin"></variable>
<variable name="ValidateUpdateServer">1</variable>
<variable name="InternalIgnoreEncryptedFiles">1</variable>
<variable name="LiveProtectionEnabled">1</variable>
<variable name="SophosMachineId">**removed**</variable>
<variable name="AdminNotify"></variable>
<variable name="AdminNotifyFiltered"></variable>
<variable name="Bounce">0</variable>
<variable name="RemoveAttachments">1</variable>
<variable name="InsertSubjectPrefix">0</variable>
<variable name="SubjectPrefix">**VIRUS**</variable>
<variable name="CheckImpossibleMode">0</variable>
<variable name="DelayIfFailed">1</variable>
<variable name="UpdateInterval">3</variable>
<variable name="UpdateDatabaseTime">0</variable>
<variable name="UpdateLastCheck">1517028648</variable>
<variable name="ShortTimeout">60</variable>
<variable name="LongTimeout">120</variable>
<variable name="UpdateTimeout">3600</variable>
<variable name="RestartWait">300</variable>
<variable name="MaxScanningThreads">8</variable>

Some settings that look promising "LiveProtectionMode", "DelayIfFailed". I'm wondering if having these on or off will let mail flow without the scan? Yet, with the AV on at least it will download the definitions. Then I can change it back on when the definitions are in? Not sure how to check the definitions download either. This is all too "hidden" in my opinion. I much prefer to know exactly what is going on with the software at all times. I wish the logs were more informative.

Also not sure if the "SophosMachineID" is needed any more...

Anyway, does anyone have any words of wisdom here? Or anyone had enough experience with this new AV to help out?


[Updated on: Mon, 29 January 2018 17:07]

Previous Topic: IMAP foldernames in wrong language
Next Topic: Huge increase in mail marked as spam
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Jan 17 20:47:33 CET 2019

Total time taken to generate the page: 0.74641 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.