ORF External Agent KAV not blocking incoming threats RSS Back to forum
@mspurrell:
Hello,
I don't use KAV but here are some general things to check:
On the ORF side:
- Be sure the external agent role is set as an Anti-Virus
- Check the ORF Admin/Information/Statistics to see if tests against KAV are running
On the KAV side:
- Look up command line options to see if you need to add anything to the External agent definition
- Be sure avp.com can handle MIME EML files and their attachments, as well as ZIPs
- You would probably want to use logging to check on things from the KAV side
On your side:
- Be sure the account you send tests from is not whitelisted, not is the Eicar attachment cleaned by the sending server before reaching ORF
Good luck,
Sam
@Sam Russo:
Hey Sam,
Thanks for taking the time to reply. I opened a service request with Vamsoft support and they quickly resolved my issue. We tried all the suggested steps but in the end all I had to do was point the external agent path to avp.exe rather than avp.com. After that change KAV blocked potential threats.
Regards,
Matt
Hello,
I am running ORF Fusion for SBS 5.3 and Kaspersky Endpoint Security 10 as the external agent and I am having a lot of trouble getting KAV to do its job and block potential threats. I have KAV listed under the agents window. The agent executable is pointing to avp.com in program files and my cmd line parameter is "scan {EMAILFILESPEC} /i4" without the quotes.
I was sure to turn external agents ON and set it to "on arrival."
I am using eicar.com as a test file in hopes that the external agent blocks it but no matter what I try it keeps arriving in the email inbox.
Could anyone point me to a resource that might give me more detail on using this particular anti-virus with ORF? Or does anyone here have experience using KAV with ORF?
Sorry if I am leaving out any information that is needed! This is my first post. Any info anyone can provide will help. Google seems to be useless at this point.