The Dr.Web ClamD component is designed to scan, upon the request of external applications, both the content of files of the local file system and streams of data transmitted by an external application via a socket. Furthermore, the component can scan the contents of those files for which an external application passed an open file descriptor via a socket.
|
File scans based on a passed file descriptor can be performed only if the descriptor was passed via a local UNIX socket. |
If an external application has provided a path to a file in the local file system, the component sends the scanning task to Dr.Web File Checker; otherwise, the component transmits data received via the socket to Dr.Web Network Checker.
By default, the component is not automatically started together with Dr.Web Mail Security Suite. To enable starting of the component, it is necessary not only to adjust the Start parameter, but also to define at least one connection point for client applications. After that, the component starts waiting for external application requests for scanning files or data streams. You can configure multiple connection points for external applications in the settings and set individual scanning parameters for each of the points.
The external applications can be specifically represented by email servers (such as Postfix and Exim), if they have an integration module with clamd. For details, see Integration with External Applications.
|
Detected threats are not neutralized by Dr.Web Mail Security Suite; the external application only receives the scanning results. Thus, any detected threat should be neutralized by the external application itself. |
