Adding a new Scanner (Ikarus)
Alessandro De Zorzi
lota at nonlontano.it
Wed Dec 25 11:51:21 CET 2019
Hi all,
I am new in this list ;-)
I trying use a new commercial antivirus [1],
it works fine on Linux Debian System and I can perform a scan file using
a PUT verb, i.e.
curl -X PUT -T /tmp/eicar_com.zip http://localhost:81/virusscan
produce a XML relay like:
<?xml version="1.0"
encoding="UTF-8"?><info><context><vdbbuild>11.11.2009 14:47:52
(1)</vdbbuild><engineversion>5.2.9.0</engineversion></context><scan><filename></filename><crc64>0x92ae23450b2ebe95</crc64><status>infected</status><infection><name>EICAR-ANTIVIRUS-TESTFILE</name><id>462103</id></infection></scan></info>
I added a new section in 15-av_scanners and amavis recognize it
Dec 25 11:46:16 imac amavis[4938]: Using primary internal av scanner
code for *IKARUS Antivirus*
but not works (not scan antivirus)
my (not working section)
# ### https://www.ikarussecurity.com/
['*IKARUS Antivirus*',
\&ask_daemon,
["PUT {}/virusscan",
['127.0.0.1:81'] ],
qr/(?i)<name>(.+)<\/name>/m ],
Someone can help me or link documentation about a "ask_daemon" section?
TIA
Alessandro - Lota
PS in 15-av_scanners already exists a obsolete Ikarus section, but not
seems usable...
[1] https://www.ikarussecurity.com/
More information about the amavis-users
mailing list