How to clear out corrupted rulesets for Symantec Brightmail Message Filter 6.x or Symantec Mail Security for SMTP 5.0.x

Article:TECH85017  |  Created: 2006-01-18  |  Updated: 2011-11-07  |  Article URL http://www.symantec.com/docs/TECH85017
Article Type
Technical Solution

Product(s)

Issue



You have been asked by Symantec Technical Support to clear out the rulesets and/or virus definitions to determine whether corrupted rules or definitions are leading to a symptom you are experiencing.

 


Solution



Before you begin:
Please verify that "Check for and install non-default definitions" checkbox has been enabled. "Check for and install non-default definitions" is located in Settings > Virus page. For windows installation, enabling this option will allow SMSSMTP 5.x to look for newer definition installed in <drive>:\Program Files\Common Files\Symantec Shared\VirusDefs folder.

To download and apply Rapid Release virus definitions for SMSSMTP 5.0 for Windows

  1. Go to the Rapid Release folder on the Symantec FTP site: ftp://ftp.symantec.com/AVDEFS/symantec_antivirus_corp/rapidrelease/
  2. Download and run symrapidreleasedefsx86.exe.

Virus definitions are now updated on the computer that ran the Intelligent Updater.

To download and apply Rapid Release virus definitions for SMSSMTP 5.0 for Linux or Solaris

  1. Go to the Rapid Release folder on the Symantec FTP site: ftp://ftp.symantec.com/AVDEFS/symantec_antivirus_corp/rapidrelease/
  2. For Linux, download the ennlu.lin file.
  3. For Solaris, download the ennlu.sol file
  4. Obtain root permissions by logging in as root or using the su or sudo commands.
  5. In a shell, cd to the directory where you saved the ennlu.lin file.
  6. For Linux, type: unzip ennlu.lin -x zdone.dat -d /opt/Symantec/virusdefs/incoming/
  7. For Solaris, type: unzip ennlu.sol -x zdone.dat -d /opt/Symantec/virusdefs/incoming/
  8. For Linux, type: unzip ennlu.lin zdone.dat -d /opt/Symantec/virusdefs/incoming/
  9. For Solaris, type: unzip ennlu.lin zdone.dat -d /opt/Symantec/virusdefs/incoming/

    Note: You can unzip all the files to a temporary location and move the files in manually in place of steps 5 and 6, just make sure that you move zdone.dat last.


To clear out bm_ruleset folders for SMSSMTP 5.0 on Windows

  1. Stop SMS filter-hub, SMS Conduit, and the SMS Liveupdate Controller services.
  2. Navigate to C:\Program Files\Symantec\SMSSMTP\scanner\rules
  3. Create a new folder named “Ruleset.old”
  4. Drag all bm_ruleset folders into the Ruleset.old folder. Except AntiVirus, Verity, and bm_ruleset folders which is named 'basicspam' or 'gatekeeper'.
  5. Drag the files .sequence.0, .sequence.2, blrm, and hashes into ruleset.old
  6. Restart the services from Step 1.


To clear out bm_ruleset folders for SMSSMTP 5.0 on Linux or Solaris

  1. Stop all daemons for Symantec Mail Security for SMTP 5.0
  2. Navigate to /opt/Symantec/SMSSMTP/scanner/rules
  3. Create a new folder named “Ruleset.old”
  4. Move all bm_ruleset* folders into the Ruleset.old folder
  5. Move the files .sequence.0, .sequence.2, blrm, and hashes into the Ruleset.old folder
  6. Restart all daemons for Symantec Mail Security for SMTP 5.0




To clear out bm_ruleset folders for SBMF 6.x see the following KB article: Initiating The Download Of New Sets Of Rules For Symantec Brightmail Message Filter (AntiSpam).




 



Legacy ID



2006101808142763


Article URL http://www.symantec.com/docs/TECH85017


Terms of use for this information are found in Legal Notices