Detailed instructions for use are in the User's Guide.
[. . . ] we protect digital worlds
ESET Mail Security
Installation Manual and User's documentation
Table of contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Terminology and abbreviations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ] Next, amavis doesn't provide mail sender/recipient, so no user specific configurations can be used, too. Advanced mail handling (accept, defer, discard, reject) is also limited for esets_cli. Taking into account these drawbacks, this configuration is usable if only the above discussed features of the product are not necessary for the user. amavis Configuration of Amavis is performed during the Amavis installation. After unpacking the sourceamavis-0. x. y. tgz, createthefileamavis/av/esets_cliwiththiscontents: # # ESET Software ESETS Command Line Interface # if ($esets_cli) { do_log(2, "Using $esets_cli"); chop($output = `$esets_cli --subdir $TEMPDIR/parts`); $errval = retcode($?); do_log(2, $output); if ($errval == 0) { $scanner_errors = 0; } elsif ($errval == 1 || $errval == 2 || $errval == 3) { $scanner_errors = 0; @virusname = ($output =~ /virus="([^"]+)"/g); do_virus(); } else {
do_log(0, "Virus scanner failure: $esets_cli (error code: $errval)");
}
}
Note that the above script accepts the email only in case it is accepted in esets_cli's Handle Object Policy. Next, if you are using the Linux RSR package, you have to update your PATH environment variable with this command: export PATH="$PATH:/opt/eset/esets/bin" For successful installation you may need to install additional software like arc, unarj, unrar,
19
zoo. You also have to make a symlink in /usr/bin from uncompress to gzip and create the user amavis in group amavis with home dir /var/amavis. Now continue with the usual installation process (. /configure, make, make install) and follow the rules README. mta according your mail server. amavisd Configuration of Amavisd is performed during the process of Amavisd installation. Unpack the source amavisd-0. x. tgz and follow the rules for amavis described in previous section of this guide. After `make install' you may need to move `/usr/etc/amavisd. conf' to `/etc' and do a `make install' again. amavisd-new In order to install the product with Amavisd-new, unpack and install the source amavisdnew-2. x. y. tgz in your installation directory. Now to configure the product with newly installed Amavisd-new, delete the clause for `ESET Software ESETS' and replace the clause for `ESET Software ESETS - Client/Server Version' in file `amavisd. conf' with the following one: ### http://www. eset. com/ [`ESET Software ESETS Command Line Interface', `@BINDIR@/esets_cli', `--subdir {}', [0], [1, 2, 3], qr/virus="([^"]+)"/ ], You may need to install additional Perl modules Archive-Tar, Archive-Zip, BerkeleyDB, Compress-Zlib, Convert-TNEF, Convert-UUlib, IO-stringy, MailTools, MIME-Base64, MIME-tools, Net-Server and Unix-Syslog from www. cpan. org/modules. The procedure is by each as follows: perl Makefile. PL; make; make install. After configuration, please follow the recommendation for configuring Amavisd-new in README. mta located in Amavisd-new directory according your mail server.
20
ESET Mail Security
Chapter 6:
Important ESET Mail Security mechanisms
6. 1. Handle Object Policy
The Handle Object Policy (see figure 5-1) is a mechanism that provides handling of the scanned objects depending on their scanning status. The mechanism is based on so-called action configuration options:`action_av`, `action_av_infected`, `action_av_notscanned`, `action_ av_deleted`, `action_as_spam`, `action_as_notscanned`. Fordetailedinformationontheoptions, please refer to the esets. cfg(5) manual page. Scheme of Handle Object Policy mechanism.
action_av accept scan defer, discard, reject object not accepted
action_av_infected action_av_notscanned action_av_deleted accept defer, discard, reject object not accepted
action_as accept scan defer, discard, reject object not accepted
action_as_notscanned accept defer, discard, reject object not accepted
object accepted
Every object processed is at first handled with respect to the setting of the configuration option`action_av`. Oncetheoptionissetto`accept`(resp. `defer`, `discard`, `reject`)theobjectis accepted (resp. If the option is set to `scan` the object is scanned (resp. alsocleanedifrequestedbyconfigurationoption`av_clean_mode`)forvirusinfiltrations and set of action configuration options `action_av_infected`, `action_av_notscanned` and `action_av_deleted` is taken into account to evaluate further handling of the object. If action `accept` has been taken as a result of the three above action options the object processed shall be scanned for spam. Notethatobjectisscannedforspamonlyincasetheconfigurationoption`action_as`issetto `scan`. Inthiscasetheactionconfigurationoptions`action_as_spam`and`action_as_notscanned` is taken into account. `defer`, `discard`, `reject`) has been taken as a result of the two above action options the object is accepted for further delivery (resp. [. . . ] And make sure that your smtp-policy is filtering all mails you want it to.
A. 7. Setting ESETS for outbound e-mail messages scanning
The outbound e-mail messages scanning is performed using esets_smtp daemon. In the [smtp] section of ESETS configuration file set these parameters:
Appendix A. ESETS setup process description
37
agent_enabled = yes listen_addr = "192. 168. 1. 0" listen_port = 2525 where`listen_addr' is the address of local network interface named if0. [. . . ]