User manual ESET MAIL SECURITY LINUX

[. . . ] we protect digital worlds ESET Mail Security Installation Manual and User Guide Table of contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Terminology and abbreviations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ] The email message is blocked in any other instance. If a virus is found, the virus name is extracted from the output. Next, if you are using the Linux RSR package, you must update your PATH environment variable with this command: export PATH="$PATH:/opt/eset/esets/bin" To successfully install amavis, you may need to install additional software such as arc, unarj, 19 unrar, or zoo. You must also make a symlink in /usr/bin from `uncompress` to `gzip` and create the amavis user in the amavis group with a home directory of /var/amavis. Then continue with the usual installation process (. /configure, make, make install) and follow the README. mta rules according your mail server. amavisd configuration Configuration of amavisd is performed during installation. Unpack the source amavisd-0. x. tgz and follow the rules for amavis described in section 5. 5. 1. 1 of this guide. After performing `make install', you may need to move `/usr/etc/amavisd. conf' to `/etc' and execute the `make install' process again. amavisd-new configuration To install the product with amavisd-new, unpack and install the source amavisd-new-2. x. y. tgz in your installation directory. Next, configure the product with the newly installed amavisdnew. To do this, delete the clause for `ESET Software ESETS' and then replace the clause for `ESET Software ESETS - Client/Server Version' in the file `amavisd. conf' with the following one: ### http://www. eset. com/ [`ESET Software ESETS Command Line Interface', `@BINDIR@/esets_cli', `--subdir {}', [0], [1, 2, 3], qr/virus="([^"]+)"/ ], You may need to install additional Perl modules Archive-Tar, Archive-Zip, BerkeleyDB, Compress-Zlib, Convert-TNEF, Convert-UUlib, IO-stringy, MailTools, MIME-Base64, MIME-tools, Net-Server and Unix-Syslog from www. cpan. org/modules. The procedure to install is as follows: perl Makefile. PL; make; make install. After configuration, please follow the recommendations for configuring amavisd-new in the README. mta located in the Amavisd-new directory according your mail server. 20 ESET Mail Security Chapter 6: Important ESET Mail Security mechanisms 6. 1. Handle Object Policy The Handle Object Policy (see Figure 6-1) is a mechanism that provides handling of the scanned objects based on their scanning status. This functionality is based on the following configuration options: `action_av`, `action_av_infected`, `action_av_notscanned`, `action_av_ deleted`, `action_as_spam`, `action_as_notscanned`. For detailed information on these options, please refer to the esets. cfg (5) man page. Scheme of Handle Object Policy mechanism. action_av accept scan defer, discard, reject object not accepted action_av_infected action_av_notscanned action_av_deleted accept defer, discard, reject object not accepted action_as accept scan defer, discard, reject object not accepted action_as_notscanned accept defer, discard, reject object not accepted object accepted Every object processed is first handled according to the configuration of the `action_av` option. If this option is set to `accept` (or `defer`, `discard`, `reject`) the object is accepted (or deferred, discarded, rejected). If the option is set to `scan` the object is scanned for virus infiltrations, and if the`av_clean_mode`optionissetto`yes`, theobjectisalsocleaned. Inaddition, theconfiguration options `action_av_infected`, `action_av_notscanned` and `action_av_deleted` are taken into account to further evaluate handling of the object. If an `accept` action has been taken as a result of these three action options, the object is accepted. Notethatanobjectisscannedforspamonlyiftheconfigurationoption`action_as`issetto `scan`. Inthiscase, theactionconfigurationoptions`action_as_spam`and`action_as_notscanned` are taken into account. If the option is set to `accept` (or `defer`, `discard`, `reject`) as a result of the two above action options, the object is accepted for further delivery (or the object is deferred, discarded or rejected). [. . . ] The next step is to redirect all SMTP requests to esets_smtp. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule would be: ipchains -A INPUT -p tcp -i if0 --dport 25 -j REDIRECT 2525 If IP-filtering is being performed by the iptables administration tool, the rule is: iptables-tnat-APREROUTING-ptcp-iif0\ --dport 25 -j REDIRECT --to-ports 2525 On FreeBSD, the rule is as follows: ipfw add fwd 192. 168. 1. 10, 2525 tcp from any to any 25 via if0 in On NetBSD and Solaris: echo 'rdr if00. 0. 0. 0/0port25->192. 168. 1. 10\ port 2525 tcp' | ipnat -f Warning: Your MTA may accept all connections without extensive checking from esets_smtp because those connections are local. By using your own firewall rules, make sure you do not create an open relay, i. e. , allow someone from the outside to connect to esets_smtp and use it as a relay SMTP server. A. 8. Setting ESETS for scanning of POP3 communication ThePOP3communicationscanningisperformedusingesets_pop3daemon. Inthe[pop3] section of the ESETS configuration file, set these parameters: agent_enabled = yes listen_addr = "192. 168. 1. 10" listen_port = 8110 where`listen_addr'istheaddressofthelocalnetworkinterfacenamedif0. [. . . ]