Overview

GFI MailEssential uses multiple antivirus engines to scan inbound, outbound and internal emails for the presence of viruses. You can acquire a license for Kaspersky Virus Scanning Engine as it is not shipped with MailEssentials. 

This article describes how to manually update the Kaspersky Virus Scanning Engine for instances when the automatic updates are unsuccessful or failing.

Diagnosis

Symptoms that the Kaspersky antivirus engine has become corrupt and cannot be initialized include:

• Definitions in the engine are corrupt and not allowing auto-updates to complete successfully.
• Items will land in the Failed mails folder when the engine fails to initialize.
• Improper exclusions for file-based backups and 3rd party Anti-virus scanners can corrupt definitions.
• Content filter type hardware firewalls can corrupt the MD5 checksum during the update process so it is important to verify the proper exclusions on the hardware firewall for successful updates.

Prerequisites

Before proceeding with the described steps ensure that you are logged on to GFI MailEssentials administration console using an account with administrative privileges.

Environment

• GFI MailEssentials 
• All supported environments

Solution

There are two ways to manually initiate the update:

Solution 1

1. Navigate to the following directory <GFI MailEssentials installation path>GFI\MailEssentials\Updater\kaspersky
2. Delete the following files

• kaspersky_current_revision.txt
• kaspersky_current_revision.txt.checked
• kaspersky_current_revision.txt.tmp

3. Open Services.msc and restart the GFI MailEssentials AV Scan Engine and GFI MailEssentials Autoupdater services.
4. Open MailEssentials Configuration and navigate the dropdowns to  Email Security > Virus Scanning Engines > Kaspersky > Updates
5. Click Download Updates click Apply
6. Verify that the definitions have successfully downloaded, check the Confirmation section at the bottom of this article for details.

Solution 2

If the above steps do not update the definitions a manual update is needed in order to clear the possible corrupt definitions out of the MailEssentials directories. Follow the steps below in order to complete the manual update process.

1. Open a browser and navigate to http://cdnupdate.gfi.com/
2. Navigate to the following directory incav2 > kaspersky83 > c1 folder and click the kaspersky83_current_version_c1.zip link to download the latest Kaspersky definitions.
3. After the download has completed you will need to navigate to service.msc and stop the SMTP or transport service(note this will stop mail flow and queue the messages in exchange until restarted)
4. In services.msc console locate and stop all GFI services related to MailEssentials
5. Extract the downloaded zip from step 2 to the following location <GFI MailEssentials installation path>\GFI\MailEssentials\Updater\kaspersky overwrite when prompted by windows
6. Navigate to the directory where you just extracted the files from the previous step  <GFI MailEssentials installation path>\GFI\MailEssentials\Updater\kaspersky and locate the folder Eng.
7. Copy the contents of Eng folder twice to the following locations <GFI MailEssentials installation path>\GFI\MailEssentials\AntiVirus\kaspersky and <GFI MailEssentials installation path>\GFI\MailEssentials\AntiVirus\backup\Kaspersky overwrite when prompted.
8. Go back to <GFI MailEssentials installation path>\GFI\MailEssentials\Updater\kaspersky and extract kaspersky83.zip contents (Base folder) to both locations mentioned in step 7.
9. Start all services stopped in Steps 3 and 4.

Confirmation

Open MailEssentials configuration and verify that the Kaspersky Engine has been updated successfully with the latest definitions by navigating to Email Security > Virus Scanning Engines > Kaspersky then opening the Updates tab.