Enabling Virus Scanning
This section discusses virus scanning.
Virus scanning can be enabled for inbound MCF Email and AddAttachment, by configuring the virusscan.xml file for your virus scan engine. The location of this file on your WebLogic web server is:
<PIA_HOME>/webserv/<domain>/applications/peoplesoft/PSIGW.war/WEB-INF/classes/psft/pt8/virusscan
See Continue, ConvertChar.
To enable the virus scanning feature:
Open VirusScan.xml.
<?xml version="1.0" encoding="UTF-8"?> <Providers disableAll="True" logFile="./servers/PIA/logs/VirusScan%u.log"> <!-- Sample Configuration for Symantec Engine <Provider> <name>Symantec</name> <class>psft.pt8.virusscan.provider.GenericVirusScanProviderImpl</class> <icapversion>ICAP/1.0</icapversion> <service-name>/SYMCScanResp-AV</service-name> <policycommand>?action=SCAN</policycommand> <address>152.68.144.44</address> <port>1344</port> <disable>false</disable> </Provider>--> <!-- Configure your own proivider --> <Provider> <!-- Provider Name of the Scan Engine --> <name></name> <!-- Provider Class of the Scan Engine. psft.pt8.virusscan.provider.GenericVirusScanProviderImpl is the default provider class. --> <class>psft.pt8.virusscan.provider.GenericVirusScanProviderImpl</class> <!-- ICAP version --> <icapversion>ICAP/1.0</icapversion> <!-- ICAP ServiceName. The Service Name changes from Scan Engine to Scan Engine. This is the name Scan Engine Service is will be hosted with --> <service-name></service-name> <!-- RESPMOD extra commands, These are the RESPMOD commands (SEE ICAP Protocol). Usually these commands will be chainging from Engine to Engine --> <policycommand></policycommand> <!-- IP Address of Scan Engine host> --> <address></address> <!-- IP Port of Scan Engine host --> <port></port> <!-- Disable scanning for this provider --> <disable></disable> <!-- Default codes = 200 and 204 for clean, 201,403 for infected Use these tags to change the behaivior if needed <clean>200,204</clean> <infected>201,403</infected> --> <virusheader></virusheadercheck> </Provider> </Providers>
Note: A sample configuration for Symantec Engine is provided in the remarks.
In the Providers tag, set the attribute disableAll to False .
<Providers disableAll="False" logFile="./servers/PIA/logs/VirusScan%u.log">
Multiple scan engine can be configured under <Providers>. Each <Provider> tag represents one scan engine. All configured scan engines will check for viruses. For each <Provider> tag enter values for the tags:
Tag
Description
Example Value
<name>
Provider Name of the Scan Engine
Symantec
<class>
Provider Class of the Scan Engine
Default provider class is:
psft.pt8.virusscan.provider.GenericVirusScanProviderImpl
psft.pt8.virusscan.provider.GenericVirusScanProviderImpl
<icapversion>
ICAP version
ICAP/1.0
<service-name>
Service name for the scan engine host.
/SYMCScanResp-AV
<policycommand>
Policy command used by the Scan Engine. Only SCAN is supported.
?action=SCAN
<address>
IP address of Scan Engine host.
IP address of the machine where the scan engine is running
<port>
IP port of Scan Engine host.
Port where the scan engine is running
<disable>
Disable scanning for this provider.
false
<clean>
Default codes = 200 and 204 for clean.
You can use this tag to change the behavior if needed.
200,204
<infected>
Default codes = 201 and 403 for infected
You can use this tag to change the behavior if needed.
201,403
<virusheadercheck>This tag contains comma separated pair of configurable header and error. This tag can be configured only for these two errors: INFECTED and SCANERROR.
For example, <virusheadercheck>X-Violation::INFECTED,FileAttributeError::SCANERROR</virusheadercheck>. In this example, X-Violation will be checked in the response header from the Scan Engine and if found, INFECTED will be returned. If X-Violation is not found, FileAttributeError will be checked in the response header from the Scan Engine. If FileAttributeError is found, SCANERROR will be returned.
Note: If error is not configured for X-Violation, INFECTED will be returned by default.
Note: The <virusheadercheck> tag is not applicable when <clean> or <infected> is configured.
Note: If the first header is found in the response header from the Scan Engine, the subsequent headers are not checked.
Note: When <clean> or <virusheadercheck> is not configured, the default codes for clean (200, 204) and for infected (201, 403) will be checked in the response header and either CLEAN or INFECTED will be returned.
<virusheadercheck>X-Violation::INFECTED,FileAttributeError::SCANERROR</virusheadercheck>
There are two type of logs generated virus scanning logs and error logs.
Virus Scanning Logs
Virus Scanning logs are the only interface with the scanning engine. These logs are located in the path indicated by the logfile property in VirusScanning.xml. If there is a failure, the details will be logged ig.errorLog.filename in integrationGateway.properties
Error Logs
If there is a failure, the details will be logged ig.errorLog.filename in integrationGateway.properties For example, ig.errorLog.filename in <PIA_HOME>/webserv/<domain>/applications /peoplesoft/PSIGW.war/WEB-INF/integrationGateway.properties.
The return value when the virus scan for mail attachments is REPOSITORY_FAILURE = 8.
See Error Messages Returned by MCFGetMail Class Methods.
If there are any errors during file processing the error codes listed in this table will be generated.
Error Code |
Description |
---|---|
%Attachment_ViolationFound |
File violation detected by Virus scan engine. |
%Attachment_VirusScanError |
Virus scan engine error. |
%Attachment_VirusConfigError |
Virus scan engine configuration error. |
%Attachment_VirusConnectError |
Virus Scan engine connection error. |