Configuring SMSDOM to Ignore SpamSentinel Databases and Processes

Article:TECH187319  |  Created: 2012-04-25  |  Updated: 2013-10-25  |  Article URL http://www.symantec.com/docs/TECH187319
Article Type
Technical Solution


Environment

Issue



The SpamSentinel product will download software updates/other data and put these in databases.  These can potentially be detected by our product and then some action taken against the data.

 


Error



You may see the violation on the Domino console where it will also list the action which was taken and you may see these in quarantine.  However, if you have under Configuration/Backup configured to backup documents before repairing or deleting and then have an action to delete the attachments you may need to look in Backup/All within the quarantine database you may see the data there.

 


Environment



OS and Domino versions do not matter.  This can be an issue when SpamSentinel for Domino is installed with SMSDOM on the same machine.

 


Cause



Some of the data may be detected as potentially unsafe or viral.  The SpamSentinel software updates come down as .txt file but are really some are DLLs and EXEs which contain executable code.  The .txt extension does not fool SMSDOM and it will still be detected as the proper file types.  Therefore, if under Content Filtering/Multimedia/Executable Analysis you select to detect Executable files, the DLLs, EXEs, or any other binary file type that contains executable code will be detected with this setting.  DLLs are shared libraries of executable code that programs can use.  While they can not execute on their own they are still considered as executable files.

 


Solution



To fully exclude SpamSentinel processes and databases from being scanned there are two items in the settings we need to change.  "Configuration/Auto-Protect/Ignore the following server processes" and "Configuration/Inclusions/Exclusions/Databases and directories to exclude from scans".

Configuration/Auto-Protect/Ignore the following server processes
You need to add the following processes:
   ssmgr
   ssmonitor
   ssrouter


Configuration/Inclusions/Exclusions/Databases and directories to exclude from scans
You need to add the following directories:
   SpamSentinel
   SpamSentinel\Scan
   SpamSentinel\Templates
   C:\SpamSentinel\Manager
 

WARNING:  At the time of this writing the above SpamSentinel processes are correct and the directories mentioned are the default correct paths.  But within the SpamSentinel settings the paths could be different.  If this is the case then you may need to look find those locations and then change the paths above.

Here is a screenshot showing one location in SpamSentinel settings where one path could be changed:

 

Here is a screenshot showing the SMSDOM process exclusions.  The exclusions needed for SpamSentinel are underlined.

 

 Here is a screenshot showing the SMSDOM database exclusions.  The exclusions needed for SpamSentinel are underlined.  Notice the double underlined exclusion.  If you look above at the SpamSentinel settings image above, you will notice that this exclusion path matches that one.




Article URL http://www.symantec.com/docs/TECH187319


Terms of use for this information are found in Legal Notices