Virus scanning for message attachments

You can set up HCL Domino to work with any virus scanning server that supports the ICAP protocol to scan attachments in mail messages for viruses.

This feature requires:
  • A minimum of Domino 12.0.2.
  • A third-party ICAP protocol server to do the virus scanning. Domino has been tested with the products Trend Micro Web Security and McAfee Web Gateway. TLS is required to connect to the server.

First released in Early Access Program Drop 1, in Drop 3 virus scanning is now more tightly integrated with the router, thus you no longer need the cscanext Extension Manager library. You may remove EXTMGR_ADDINS=cscanext from your server's notes.ini. It will cause no harm to leave it in your notes.ini, but it is best to remove it.

The templates for the databases cscancfg.nsf, cscanlog.nsf, and cscanquarantine.nsf have been updated. Some additional fields and actions have been added. For example, from cscancfg.nsf there is an action button to open cscanlog.nsf, and documents in that database have actions to open quarantined messages in cscanquarantine.nsf.

When a message has been successfully scanned and is free of viruses, Domino places a secure token item on the message. When other servers in the domain process the message, they avoid scanning the message again if they successfully validate the token and it has not expired or been invalidated.

There is an option to send any virus scanning logging that would normally go to the Domino console to a separate file instead.

The mailscan task now purges documents in cscanlog.nsf and cscanquarantine.nsf that are older than the "Log retention days" and "Quarantine days" settings, respectively, in the cscancfg.nsf configuration document.

Previously, cscanlog.nsf contained documents for scanned attachments only. It now contains documents for scanned messages as well. A message log document has some basic information about the message and an embedded view that links to the attachment log documents.

Basic statistics have been added. Use console commands show stat Mail.AV* and show stat mailscan.* to examine the new statistics.