Configuring Kaspersky Anti-Virus settings using the notes.ini configuration file

Kaspersky Anti-Virus settings can be managed either through the application interface or by changing the notes.ini configuration file. When managing application settings by means of the configuration file, you can specify the values of the settings that are not available via the application interface (such as enabling or disabling incremental scanning of objects) and manage some of the primary Kaspersky Anti-Virus functions via the command line of the Lotus Domino server console.

To change the configuration file settings:

1. Open the Lotus Domino notes.ini configuration file at the following location:
   • under Microsoft Windows operating systems – in the Domino server's catalog of binary files;
   • under Linux operating systems – in the Lotus Domino server's data catalog.
2. Edit the settings described below, and save changes.
3. Reboot the Lotus Domino server.

   The settings in the notes.ini file are not synchronized with the settings in the Kaspersky Anti-Virus interface. The configuration file settings take precedence over the interface settings.

The following settings can be edited:

• KAVArchDepthLevel. This setting determines the nesting level of archives to be scanned. Available values:
  • 32 – The allowed nesting level of archives to be scanned.
  • 0 / no set value – the number of nesting levels of scanned archives is unlimited.
• KAVCustomUpdUrlOnly. This setting determines the method for receiving updates. Available values:
  • 1 – The server receives updates only from the update source that you have specified. You can specify the update source in the profile settings or the server settings.
  • 2 / no set value – If the update from your specified source fails, Kaspersky Anti-Virus attempts to connect to a different update source (the one from which the most recent successful update was performed) or to Kaspersky Lab's update server. This value is used by default.
• KAVDatabasesPath. This setting defines the path to Kaspersky Anti-Virus databases relative to the Domino data catalog. By default, the defined path is to the application installation directory named kavdatabases.
• KAVDebugLog. The parameter lets you configure rotation of the event log and statistics. To configure rotation of the log, you must specify a value for the level variable and assign the debug roll value to the appenders variable.

  Example: KAVDebugLog=--level=all --appenders=debug roll --roll-mode=both --roll-size=10000000 --roll-style=day --store-period=1

• KAVLicenseNotifyDays. This setting lets you specify how many days before key file expiration that Kaspersky Anti-Virus will begin to notify the administrator that the key file expires soon. This setting is not available by default. Kaspersky Anti-Virus notifies the administrator 14 days prior to the expiry of the key file.
• KAVMaxScanInMemorySize. This setting determines the maximum size (in kilobytes) of an object that can be scanned in the server's operating memory without saving the object on the hard drive. This setting is used for all tasks. If the size of the object does not exceed the set value, the object is scanned in the server's operating memory without being saved on the hard drive. If this setting is changed, you must restart the task. Possible values are from 0 to 16384:
  • 16384 is the maximum permissible value of this setting. If the value of this setting exceeds 16384 KB (16 MB), the setting is assigned the value of 16384.
  • 1024 is the default value.
  • 0 / no set value – objects cannot be scanned in the server's RAM without being saved on the hard drive.
• KAVNonIncrementalScan. This setting enables and disables incremental scanning of objects. Available values:
  • 1 – incremental scanning is disabled. This value is used by default.
  • 0 / no set value – incremental scanning is enabled.
• KAVProcExclude. This setting lets you specify the processes to exclude from Kaspersky Anti-Virus scans. The application does not monitor these processes during its operation. By default, the following processes are excluded from scanning: updall, nupdate, ldap, event, statlog, fixup, and compact.