[. . . ] ESET Mail Security Installation Manual and User Guide Linux, BSD and Solaris Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. 1 Main functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. 2 Key features of the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Terminology and abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 3. Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4. [. . . ] For information regarding the special header name syntax, refer to the man page of the appropriate ESETS agent module. For esets_smtp, refer to the esets_smtp(1 ) man page. 6. 4 Anti-Spam Control The anti-spam system filters spam messages, using dynamic evaluation of the data flow of the email delivery process. To eliminate spam, ESET Mail Security uses the anti-spam control mechanism. This mechanism can be enabled using the ‘a ction_a s’ parameter. For a full description of the parameter refer to the esets. cfg (5 ) man page. Thus, this functionality is relevant only for the following modules: esets_imap, esets_mda, esets_pipe, esets_pop3, esets_smtp and esets_smfi. 15 Once anti-spam is enabled in any of the configuration sections, the anti-spam scanning engine initializes during the main scanning daemon start-up. During this process, appropriate anti-spam support modules are loaded from the anti-spam cache directory. To define the period (in minutes), after which ESETS will check for available anti-spam module updates, edit the entry shown below in the ESETS configuration file. If you do not set the value for this parameter, ESETS will not regularly update its anti-spam database: as_update_period = 60 Anti-spam functionality can also be configured using the following configuration file: @ETCDIR@/anti-spam/spamcatcher. conf NOTE: Spa mCa tcher is a tool for spam detection. It tracks all email communication on its own server and monitors messages rejected by users. It evaluates this and various other data to determine which email is likely to contain spam and sends users a probability score for every message they receive. It allows you to create your own rules for identifying and blacklisting spam. Hundreds of rules can be used to evaluate spam score and block the incoming spam. The @ETCDIR@/anti-spam/ directory contains a number of different configurations stored in files, that can be used to customize the anti-spam engine. If you wish to start using a particular configuration, replace the default anti-spam configuration stored in ‘spa mca tcher. conf’ with any of the available configuration files and reload the ESETS daemon. spamcatcher. conf Is a default configuration file, that contains optimal configuration recommended for typical server environment. To display differences between any of the files in the anti-spam directory, use the diff command. For example, if you wish to compare the spamcatcher. conf and the spamcatcher. conf. accurate files use the following command: diff spamcatcher. conf spamcatcher. conf. accurate spamcatcher. conf. accurate Bayesian Word Token analysis (i. e. It improves accuracy, but uses more memory and can therefore take slightly more time to finish than other methods. The limit of the number of domains queried against the DNS Block List server (DNSBL) is increased (the ‘dnsbl_ma x_doma ins’ option). DNSBLs are most often used to publish addresses of computers or networks linked to spamming. Sender Policy Fra mework (SDK) with live DNS queries will be performed. [. . . ] Then add this line to smtpserver. conf: PARAM contentfilter @BINDIR@/esets_zmfi and restart ZMailer. Please note that this will scan only the email messages coming through the smtpserver. Also, make sure that your smtp-policy is filtering all email according to your needs. 28 9. 7 Setting ESETS for outbound email message scanning Outbound email message scanning is performed using the esets_smtp daemon. In the [smtp] section of the ESETS configuration file, set these parameters: agent_enabled = yes listen_addr = "192. 168. 1. 0" listen_port = 2525 where ‘listen_a ddr’ is the address of the local network interface named if0. [. . . ]