How to use NOD32 V3 and above with MailMarshal


This article applies to:

  • Trustwave MailMarshal (SEG)
  • Trustwave ECM/MailMarshal Exchange 7.X
  • NOD32 command line virus scanner

Question:

  • How to use NOD32 with MailMarshal

Information:

NOD32 is provided as a pre-configured external (command line) scanner in current versions of the named Trustwave products.

Procedure:

Follow the steps below to add NOD32 with MailMarshal:

  1. In the MailMarshal Configurator start the New Virus Scanner Wizard. (In MailMarshal (SEG) 10, choose to add a virus scanner from the policy element list.)
  2. Select Nod32 from the list of scanners.
  3. In the Command Line or Path field navigate to the NOD32 installation directory, by default: 
    C:\Program Files\ESET\ESET Security
  4. Select ecls.exe and click Open.
  5. The following parameters are entered by default:

    /no-boots /sfx /rtp /mail /clean-mode=none /no-quarantine "{CmdFileName}"

  6. Finish the process to add the scanner, and commit configuration.

If you already have configured NOD32 using a different definition in MailMarshal, you can edit the scanner definition and substitute the parameters above.

Note:

  • The above parameters when last verified detected known test virus strings and report the result correctly to MailMarshal.
  • Trustwave strongly recommends you verify that the scanner functions correctly, using the eicar.com test file.
  • Trustwave strongly recommends you review the list of available command line parameters in your version of NOD32, and select the options you prefer.
    • For more information about NOD32 command line parameters, please consult NOD32 documentation.
  • You should not enable cleaning or quarantining with a command line scanner.

Last Modified 4/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle12706.aspx