Antivirus filter not working?

In this thread AV license expired errors  notified us that "The BitDefender license inside SMG expired on December 31st".

The Secure Messaging Gateway UPDATE HISTORY shows:

  

Before updating SMG application RPM to version 1.0.1-496.1 then to version 1.0.1-498.1 immediately thereafter, my smg-scanner-10 log was filled with entries stating "(avas)<0> Failed to connect to AV/AS service". Now, they are gone. 

To me, this implied the issue had been resolved, but maybe not.

This is one of my monitoring gadgets:

It is telling me no viruses are being detected; 

My smg-scanner-10 log shows this sequence for all antivirus scans on incoming messages.:

  • (iscn)<47> Running test: Anti-Virus (Primary Scanner)
  • (avir)<47> Processing ANTIVIRUS filter: Anti-Virus (Primary Scanner)
  • (avir)<47> Requesting AV scan from service provider
  • (avir)<47> AV service provider response received
  • (iscn)<47> Test finished: Anti-Virus (Primary Scanner)

I see nothing to indicate whether or not the scan found a virus (or other malware).

I'm more than a bit concerned that no viruses have been detected since the hotfix was applied.

Is anyone else experiencing similar behaviour?

__________
Kevin Boyle, SuperUser

Calgary, Alberta, Canada

Parents
  • 0

    Hello,

     I found this problem on my side: because only one "bdamserver" process was active, the Antispam part.

    Inside the scanner log file there was this lines - "Failed to connect to AV/AS service":

    [140174495307520] 2024-01-03 00:00:04 (iscn)<1353> Running test: Inbound Anti-Virus
    [140174495307520] 2024-01-03 00:00:04 (avir)<1353> Processing ANTIVIRUS filter: Inbound Anti-Virus
    [140174495307520] 2024-01-03 00:00:04 (avas)<1353> Failed to connect to AV/AS service
    [140174495307520] 2024-01-03 00:00:04 (avas)<1353> Failed to connect to AV/AS service
    [140174495307520] 2024-01-03 00:00:04 (iscn)<1353> Test finished: Inbound Anti-Virus

    One some customer systems the Bitdefender AV was active until a service restart was necessary. So some installations runs ok (without pattern update) without a license key.

    My clamav scanner was active all the time and give me a base protection.

    Kind regards,

    Michael 

Reply
  • 0

    Hello,

     I found this problem on my side: because only one "bdamserver" process was active, the Antispam part.

    Inside the scanner log file there was this lines - "Failed to connect to AV/AS service":

    [140174495307520] 2024-01-03 00:00:04 (iscn)<1353> Running test: Inbound Anti-Virus
    [140174495307520] 2024-01-03 00:00:04 (avir)<1353> Processing ANTIVIRUS filter: Inbound Anti-Virus
    [140174495307520] 2024-01-03 00:00:04 (avas)<1353> Failed to connect to AV/AS service
    [140174495307520] 2024-01-03 00:00:04 (avas)<1353> Failed to connect to AV/AS service
    [140174495307520] 2024-01-03 00:00:04 (iscn)<1353> Test finished: Inbound Anti-Virus

    One some customer systems the Bitdefender AV was active until a service restart was necessary. So some installations runs ok (without pattern update) without a license key.

    My clamav scanner was active all the time and give me a base protection.

    Kind regards,

    Michael 

Children