File Malware Scanner

API to be implemented by the customer.
Symproxy uses this API to submit the attachment for malware scanning.
Malware Scanner implementation should initiate the malware scanning of the attachment after receiving the file successfully.



  • It is highly recommended that the API call does not enforce the malware-scanning operation synchronously. Instead, queue the request to some internal queue and return the response back, unblocking the client (Symproxy).
  • The service should be idempotent. There could be multiple submissions for the same file.


Symproxy behavior

When invoking the malware-scanner/v1/file endpoint on the scanner, symproxy will wait a maximum of 10 seconds for a response from the scanner. If it does not get a response in 10 seconds, it will retry.
It will try three times to invoke the malware-scanner/v1/file endpoint on the scanner if each previous attempt is unsuccessful.