Detailed instructions for use are in the User's Guide.
[. . . ] we protect digital worlds
ESET Mail Security
Installation Manual and User Guide
Table of contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Terminology and abbreviations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ] AMaViS does not allow modification of scanned email messages and denies ESETS access to clean or delete infected email attachments. As a result, the ESETS footnote with log and status dependent header fields will not be written into the email message. Thus, user specific configurations are unavailable and advanced mail handling features (accept, defer, discard, reject) are limited for esets_cli. Lastly, AMaViS only scans files, it cannot use the ESETS anti-spam engine. Taking into account these drawbacks, content filtering using AMaViS is recommended only if the system administrator does not require the features discussed above. amavis configuration Configuration of amavis is performed during the amavis installation. After unpacking the sourceamavis-0. x. y. tgz, createthefileamavis/av/esets_cliwiththesecontents: # # ESET Software ESETS Command Line Interface # if ($esets_cli) { do_log(2, "Using $esets_cli"); chop($output = `$esets_cli --subdir $TEMPDIR/parts`); $errval = retcode($?); do_log(2, $output); if ($errval == 0) { $scanner_errors = 0; } elsif ($errval == 1 || $errval == 2 || $errval == 3) { $scanner_errors = 0; @virusname = ($output =~ /virus="([^"]+)"/g); do_virus(); } else {
do_log(0, "Virus scanner failure: $esets_cli (error code: $errval)");
}
}
The script above accepts the email message only when it is accepted in esets_cli's HOP (Handle Object Policy). Next, if you are using the Linux RSR package, you must update your PATH environment variable with this command: export PATH="$PATH:/opt/eset/esets/bin" To successfully install amavis, you may need to install additional software such as arc, unarj,
19
unrar, or zoo. You must also make a symlink in /usr/bin from `uncompress` to `gzip` and create the amavis user in the amavis group with a home directory of /var/amavis. Then continue with the usual installation process (. /configure, make, make install) and follow the README. mta rules according your mail server. amavisd configuration Configuration of amavisd is performed during installation. Unpack the source amavisd-0. x. tgz and follow the rules for amavis described in section 5. 5. 1. 1 of this guide. After performing `make install', you may need to move `/usr/etc/amavisd. conf' to `/etc' and execute the `make install' process again. amavisd-new configuration To install the product with amavisd-new, unpack and install the source amavisd-new-2. x. y. tgz in your installation directory. To do this, delete the clause for `ESET Software ESETS' and then replace the clause for `ESET Software ESETS - Client/Server Version' in the file `amavisd. conf' with the following one: ### http://www. eset. com/ [`ESET Software ESETS Command Line Interface', `@BINDIR@/esets_cli', `--subdir {}', [0], [1, 2, 3], qr/virus="([^"]+)"/ ], You may need to install additional Perl modules Archive-Tar, Archive-Zip, BerkeleyDB, Compress-Zlib, Convert-TNEF, Convert-UUlib, IO-stringy, MailTools, MIME-Base64, MIME-tools, Net-Server and Unix-Syslog from www. cpan. org/modules. The procedure to install is as follows: perl Makefile. PL; make; make install. After configuration, please follow the recommendations for configuring amavisd-new in the README. mta located in the Amavisd-new directory according your mail server.
20
ESET Mail Security
Chapter 6:
Important ESET Mail Security mechanisms
6. 1. Handle Object Policy
The Handle Object Policy (see Figure 6-1) is a mechanism that provides handling of the scanned objects based on their scanning status. This functionality is based on the following configuration options: `action_av`, `action_av_infected`, `action_av_notscanned`, `action_av_ deleted`, `action_as_spam`, `action_as_notscanned`. For detailed information on these options, please refer to the esets. cfg (5) man page. Scheme of Handle Object Policy mechanism.
action_av accept scan defer, discard, reject object not accepted
action_av_infected action_av_notscanned action_av_deleted accept defer, discard, reject object not accepted
action_as accept scan defer, discard, reject object not accepted
action_as_notscanned accept defer, discard, reject object not accepted
object accepted
Every object processed is first handled according to the configuration of the `action_av` option. If this option is set to `accept` (or `defer`, `discard`, `reject`) the object is accepted (or deferred, discarded, rejected). [. . . ] Also, make sure that your smtp-policy is filtering all email according to your needs.
A. 7. Setting ESETS for outbound email message scanning
Outbound email message scanning is performed using the esets_smtp daemon. In the [smtp] section of the ESETS configuration file, set these parameters:
Appendix A. ESETS setup process description
37
agent_enabled = yes listen_addr = "192. 168. 1. 0" listen_port = 2525 where`listen_addr'istheaddressofthelocalnetworkinterfacenamedif0. [. . . ]