Attachment Virus Scanning Service

   Journey Manager (JM) The transaction engine for the platform. |   System Manager / DevOps |  23.04This feature was updated in 23.04

Manager comes with several preconfigured antivirus services to scan any files that form users may attach to forms. In most of onboarding journeys, forms are often designed to include various supporting documentation, such as proof of ID, which are file attachments.

Attachment virus scan services ensure no malicious or infected files enter the system as attachments. For this to work, there must be at least one antivirus attachment scanning service configured and set as a default Virus Scan type service for each Manager instance. This is usually done after Manager software has been installed.

Manager runs a default antivirus service to scan files at upload time for all form-related flows with attachments. These flows include:


Attachment data stored in the Manager database directly with custom core Groovy services using Core API is not scanned.

Manager delivers a form submission only if all attachments are scanned and marked as free of viruses or malicious software. If infected files are detected, they are either blocked from upload, or, if picked up by the Virus Scan scheduled job, deleted. In this case, a form user, who uploaded the attachment, is notified via email.

When a file is scanned, one of the following states is set as the Virus Status property, which you can check for each transaction with attachments:

  • Clean - an attachment is free of viruses or malicious software
  • Virus - an attachment is infected
  • Scan Error - an error happened during the scan
  • No Data - an attachment is missing actual data and doesn’t need to be scanned anymore

Manager has the standard virus scan scheduled job, which queries the database for all file uploads with the Virus Status property set as Scan Error or Null and deletes the infected files. Null is different from No Data and it means there is no attachment specified.

Submissions that are pending virus scan results for their attachments remain in the Delivery Not Ready status until all virus scans are completed. After that, they can transition through delivery.

Manager also scans all files, such as configuration files, import archives or reference data, that are imported or uploaded via its UI, for viruses. For example, Manager will kick off a virus scan during a service import operation. This functionality is enabled by default, but you can turn it off using the Enable Virus Scan for JM Uploads deployment property.  |  23.04 This feature was introduced in 23.04

Manager provides the following preconfigured virus scanning services, so you can choose one depending on your Virus Scanning EngineVirus Scanning Engine is Antivirus software (AV software), also known as anti-malware, which is a computer program used to prevent, detect, and remove malware.:


You must configure at least one virus scanning service in Manager so it can perform regular virus scanning activities.

Next, learn how to configure the ClamAV attachment virus scanning service.