User manual ESET MAIL SECURITY

[. . . ] we protect digital worlds ESET Mail Security Installation Manual and User's documentation Table of contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Terminology and abbreviations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ] If it a virus was found, it's name is extracted from the output. Next, if you are using the Linux RSR package, you have to update your PATH environment variable with this command: export PATH="$PATH:/opt/eset/esets/bin" For successful installation you may need to install additional software like arc, unarj, unrar, 19 zoo. You also have to make a symlink in /usr/bin from uncompress to gzip and create the user amavis in group amavis with home dir /var/amavis. Now continue with the usual installation process (. /configure, make, make install) and follow the rules README. mta according your mail server. amavisd Configuration of Amavisd is performed during the process of Amavisd installation. Unpack the source amavisd-0. x. tgz and follow the rules for amavis described in previous section of this guide. After `make install' you may need to move `/usr/etc/amavisd. conf' to `/etc' and do a `make install' again. amavisd-new In order to install the product with Amavisd-new, unpack and install the source amavisdnew-2. x. y. tgz in your installation directory. Now to configure the product with newly installed Amavisd-new, delete the clause for `ESET Software ESETS' and replace the clause for `ESET Software ESETS - Client/Server Version' in file `amavisd. conf' with the following one: ### http://www. eset. com/ [`ESET Software ESETS Command Line Interface', `@BINDIR@/esets_cli', `--subdir {}', [0], [1, 2, 3], qr/virus="([^"]+)"/ ], You may need to install additional Perl modules Archive-Tar, Archive-Zip, BerkeleyDB, Compress-Zlib, Convert-TNEF, Convert-UUlib, IO-stringy, MailTools, MIME-Base64, MIME-tools, Net-Server and Unix-Syslog from www. cpan. org/modules. The procedure is by each as follows: perl Makefile. PL; make; make install. After configuration, please follow the recommendation for configuring Amavisd-new in README. mta located in Amavisd-new directory according your mail server. 20 ESET Mail Security Chapter 6: Important ESET Mail Security mechanisms 6. 1. Handle Object Policy The Handle Object Policy (see figure 5-1) is a mechanism that provides handling of the scanned objects depending on their scanning status. The mechanism is based on so-called action configuration options:`action_av`, `action_av_infected`, `action_av_notscanned`, `action_ av_deleted`, `action_as_spam`, `action_as_notscanned`. Fordetailedinformationontheoptions, please refer to the esets. cfg(5) manual page. Scheme of Handle Object Policy mechanism. action_av accept scan defer, discard, reject object not accepted action_av_infected action_av_notscanned action_av_deleted accept defer, discard, reject object not accepted action_as accept scan defer, discard, reject object not accepted action_as_notscanned accept defer, discard, reject object not accepted object accepted Every object processed is at first handled with respect to the setting of the configuration option`action_av`. Oncetheoptionissetto`accept`(resp. `defer`, `discard`, `reject`)theobjectis accepted (resp. If the option is set to `scan` the object is scanned (resp. alsocleanedifrequestedbyconfigurationoption`av_clean_mode`)forvirusinfiltrations and set of action configuration options `action_av_infected`, `action_av_notscanned` and `action_av_deleted` is taken into account to evaluate further handling of the object. If action `accept` has been taken as a result of the three above action options the object processed shall be scanned for spam. Notethatobjectisscannedforspamonlyincasetheconfigurationoption`action_as`issetto `scan`. Inthiscasetheactionconfigurationoptions`action_as_spam`and`action_as_notscanned` is taken into account. `defer`, `discard`, `reject`) has been taken as a result of the two above action options the object is accepted for further delivery (resp. the object is deferred, discarded or rejected). NOTE: Please, note that some of the modules has been written to integrate ESETS into the environment which does not allow to modify scanned objects and thus this functionality is disabled in the module. Particularly, this means that value configuration option av_clean_mode is ignored by the module. To get detailed information on this topic, refer to appropriate modules manual pages. [. . . ] In case of IP-filtering provided by ipchains administration tool an appropriate rule is: ipchains -A INPUT -p tcp -i if0 --dport 25 -j REDIRECT 2525 If IP-filtering mechanism is provided by iptables administration tool, the rule is: iptables-tnat-APREROUTING-ptcp-iif0\ --dport 25 -j REDIRECT --to-ports 2525 On FreeBSD, the rule is as follows: ipfw add fwd 192. 168. 1. 10, 2525 tcp from any to any 25 via if0 in On NetBSD and Solaris: echo 'rdr if00. 0. 0. 0/0port25->192. 168. 1. 10\ port 2525 tcp' | ipnat -f Warning: Your MTA may accept all connections without extensive checking from esets_smtp because they are local. By using your own firewall rules, make sure you do not create an open relay, i. e. allow someone from the outside to connect to esets_smtp and thus use him as relay SMTP server. A. 8. Setting ESETS for scanning of POP3 communication ThePOP3communicationscanningisperformedusingesets_pop3daemon. Inthe[pop3] section of ESETS configuration file set these parameters: agent_enabled = yes listen_addr = "192. 168. 1. 10" listen_port = 8110 where`listen_addr' is the address of local network interface named if0 Then restart ESETS daemon. [. . . ]