Page 1 of 1

[SOLVED] Eset scan not working.

Posted: 16 Apr 2020 07:47
by vind
Hello,

I'm just testing efa 4 before migrating our V3 server.
Everything works great but I got something strange with Eset.

We got an Eset File Security license and I've installed it on efa server (using EFS V4 as V7 is totaly different).

When I do a "MailScanner --lint" on shell here's what I got :

Code: Select all

===========================================================================
Virus Scanner test reports:
Clamd said "eicar.com was infected: {HEX}EICAR.TEST.3.UNOFFICIAL"
Sophos said ">>> Virus 'EICAR-AV-Test' found in file /var/spool/MailScanner/incoming/22138/1/eicar.com"
Esets said "found Eicar test file in eicar.com"
Nice, but I've read that there some "sudo issues" and as I ran command line in root I tried the following :
" sudo -u postfix Mailscanner --lint"

Code: Select all

===========================================================================
Virus Scanner test reports:
Sophos said ">>> Virus 'EICAR-AV-Test' found in file /var/spool/MailScanner/incoming/22654/1/eicar.com"
Esets said "found Eicar test file in eicar.com"

If any of your virus scanners (sophos,esets)

And when I launch it with web interface :

Code: Select all

=========================================================================== 	
Virus Scanner test reports: 	
Clamd said "eicar.com was infected: {HEX}EICAR.TEST.3.UNOFFICIAL" 	
Sophos said ">>> Virus 'EICAR-AV-Test' found in file /var/spool/MailScanner/incoming/10829/1/eicar.com" 	
If any of your virus scanners (sophos,esets,clamd)
I'm a little disapointed, does my 3 Antivirus are used for scanning ?

br,
Vind

Re: Eset scan.

Posted: 23 Apr 2020 13:52
by vind
I finally managed to solve my issu so if anybody got the same :

selinux was blocking efa from using eset antivirus, I tried to make rules in order to let it works but it seems that eset is not compatible with selinux.

So the only way to make it works was to disable slinux.

Re: Eset scan.

Posted: 23 Apr 2020 14:22
by smyers119
vind wrote:
23 Apr 2020 13:52
I finally managed to solve my issu so if anybody got the same :

selinux was blocking efa from using eset antivirus, I tried to make rules in order to let it works but it seems that eset is not compatible with selinux.

So the only way to make it works was to disable slinux.
Not sure i agree with your solution. Did you do a audit2allow?

Re: [SOLVED] Eset scan not working.

Posted: 23 Apr 2020 14:44
by vind
Yes of course I tried, but I was unable to make it works.

After some seaches I found this -> https://support.eset.com/en/kb880-is-es ... grsecurity