CMS has encountered two different types of virus scanners in use with Praetor.
SMTP-based virus scanner
PC-based virus scanner that checks files on the local hard drive
Here are some observations and the issues you might encounter.
This type of virus scanner operates in a manner like Praetor itself. Conceptually it performs its scanning function as a SMTP mail relay, first receiving the message via SMTP and then analyzing the message and its attachments for any viral infection. If the message is found to be free of infection, it will be transmitted to the receiving host.
In this environment, Praetor must be the very first SMTP mail host that receives the message from the Internet, before the virus scanner. There are two possible issues involving Praetor that we have seen to occur when trying to make it coexist with the virus scanner on the same machine.
Since Praetor is the first mail server, it must receive on the SMTP port 25. This will require the virus scanner to be configured to listen on a different port; we suggest using 28 which is the default port that Praetor will use to send inbound messages to the local mail server.
If your virus scanner is configured to scan and send outbound messages, it needs to be able to distinguish between incoming and outgoing messages. You must configure it to perform DNS queries for sending outgoing mail.
An example of this type of product includes WebShield SMTP from McAfee.
If you have this type of virus scanner installed and running on the Praetor machine, you will need to exclude that antivirus product from scanning the following directories and all subdirectories underneath them:
C:\Program Files\CMS Praetor G2
This is needed to prevent a collision between the antivirus product and Praetor/IIS SMTP Server. We have seen collisions on files in the Praetor OUT directory that are the temporary files created as messages are being received. The results are odd operational behavior with application event log entries indicating Praetor's inability to read and write to the message files.
Examples of this type of product include Symantec's Norton Antivirus, McAfee, and other single-user antivirus products from various companies such as Panda Software, Sophos, Norman, etc.
Some antivirus products have a 'mail protection' which you need to turn off. Known examples of this is the Mail Protection facility found in Symantec's Norton Anti-Virus product.
The reason is because they are examining the messages for viral content, messages without any virus are getting delivered through the antivirus products' approval. Thus the antivirus product has circumvented Praetor, which has actually quarantined its copy of the very same messages.
Another separate issue CMS has seen in October 2005 was when the Norton Mail Protection facility was enabled and it completely prevented the IIS SMTP Virtual Server from delivering to the downstream mail server. Only when it was disabled did the queued inbound messages started flowing.