Is it possible to change period of updating definitions for Kaspersky Virus Blocker or Virus Blocker? We have desktop with Kaspersky Antivirus and it blocked 3 emails with viruses, but Untangle marked them as clean. Probably virus definitions were older in Untangle, because have set up on workstation to update definitions every hour.
How often Untangle updates definitions? Once a day?

The AV updates run every hour via a cronjob.

Unless he has a problem on his box...

skrzat,

Can you run this and let us know the output ?

/usr/bin/keepup2date.sh -c /etc/kav/kav_updater.conf

or you can check the updater log file at

less /var/lib/kav/log/kavupdater.log

Keep in mind that the last file logs the date in the DateFormat=%d-%m-%Y



Thanks

There are three more possibilities of such a situation:

1) does Untangle check archives? It is possible that the virus was inside of an archive and that it was detected only after unpacking. Desktop KAV email scanner does checks inside archives by default;
2) does Untangle use extended Kaspersky bases? Maybe that was not a virus but a "potentially unwanted software" or even "joke"?
3) is it confirmed that the detection was not a heuristic-based and/or behavior-based?