ESET MAIL SECURITY Installation Manual

We protect digital worlds
ESET Mail Security
Installation Manual
and User's documentation

Summary of Contents for ESET MAIL SECURITY

  • Page 1 ESET Mail Security Installation Manual and User’s documentation...
  • Page 2: Table Of Contents

    6.4. Anti-Spam Control ... 24
    6.5. Samples Submission System ... 25
    6.6. World Wide Web Interface ... 25
    6.7. Remote Administration ... 26
    7. ESET Mail Security system update ... 27
    7.1. ESETS update utility ... 28
    7.2. ESETS update process description ... 28
    8. Let us know ... 29
    A.
  • Page 3: Introduction

    Chapter 1: Introduction...
  • Page 4 In the rest of this chapter we review the key features of the system. • The ESET anti-virus scanning engine algorithms provide the highest detection rate and the fastest scanning times. • ESET Mail Security is developed to run on single-processor as well as multi-processor units. • It includes unique advanced heuristics for Win32 worms and back-doors.
  • Page 5: Terminology And Abbreviations

    Chapter 2: Terminology and abbreviations...
  • Page 6 ESETS: ESET Security is a common acronym for all security products developed by ESET, spol. s r.o. for Linux OS, BSD OS and Solaris. It is also the name (or part of the name) of the software package containing the products.
  • Page 7 NetBSD: /usr/pkg/bin; Solaris: /opt/esets/bin. ESETS system binary files directory: the directory where the relevant ESET File Security system binary files are stored. Further in this documentation we use the abbreviation @SBINDIR@ for the directory. The directory location is as follows: Linux: /usr/sbin...
  • Page 9: Installation

    Chapter 3: Installation...
  • Page 10 00:00:00 esets_daemon where at least two ESETS daemon processes running in the background have to be present. One of the processes is the so-called process and threads manager of the system. The other serves as the ESETS scanning process. ESET Mail Security...
  • Page 11: Product's Roadmap

    Chapter 4: Product’s Roadmap...
  • Page 12 The structure of ESET Mail Security is shown in figure 4-1. The system is composed of the following components. CORE: The core of ESET Mail Security consists of the ESETS daemon esets_daemon. The daemon uses the ESETS API library libesets.so and the ESETS loading modules em00X_xx.dat to provide base system...
  • Page 13 @ETCDIR@/esets.cfg: This is the most important configuration file as it maintains the major part of the product functionality. After exploring the file you can see that it is built from various parameters distributed within sections. Note that the section names are always enclosed in square brackets. In the ESETS configuration file there is always one global and several so-called agent sections.
  • Page 15: Integration With E-Mail Messaging System

    Chapter 5: Integration with E-mail Messaging System...
  • Page 16 This chapter describes the integration of ESET Mail Security with a variety of known e-mail messaging systems. Knowledge of the basic principles of an e-mail messaging system (figure 5-1) is of paramount importance for understanding ESETS operation. Figure 5-1. Scheme of UNIX OS e-mail messaging system.
  • Page 17: Bi-Directional E-Mail Messages Scanning In Mta

    MTA, i.e. MTA Sendmail, Postfix, Exim, QMail and ZMailer. In order to configure ESET Mail Security for bi-directional e-mail messages scanning you have to be sure that your MTA is properly configured and running. Then run this script: esets_setup Select MTA and contentfilter install options.
  • Page 18: Scanning Of Outbound E-Mail Messages

    ZMailer. ESETS supports any MDA. In particular the following MDAs were tested: procmail, maildrop, deliver and local.mail. In order to configure ESET Mail Security for inbound e-mail messages scanning you have to be sure that your MTA is properly configured using original MDA and running. Then run this script: esets_setup Select MDA and inbound install options.
  • Page 19: Alternative Methods Of Content Filtering

    It supports various MTAs and comes in three branches: amavis, amavisd and amavisd-new. Amavis cooperates with ESET Mail Security by using esets_cli. Yet before we go into detailed explanation of the Amavis configurations, we would like to discuss the impact of the method on the ESET Mail Security functionality.
  • Page 20 In order to install the product with Amavisd-new, unpack and install the source amavisd-new-2.x.y.tgz in your installation directory. Now to configure the product with newly installed Amavisd-new, delete the clause for ‘ESET Software ESETS’ and replace the clause for ‘ESET Software ESETS - Client/Server Version’ in file ‘amavisd.conf’ with the following one: ### http://www.eset.com/...
  • Page 21: Important Eset Mail Security Mechanisms

    Chapter 6: Important ESET Mail Security mechanisms...
  • Page 22: Handle Object Policy

    In particular, this means that the value of the configuration option av_clean_mode is ignored by the module. To get detailed information on this topic, refer to the appropriate modules' manual pages.
  • Page 23: User Specific Configuration

    Thus with this special configuration all e-mails will be processed, i.e. scanned for infiltrations, with the exception of the e-mails sent to rcptuser@rcptdomain.com, which will be rejected without scanning.
  • Page 24: Black-List And White-List

    Once anti-spam is enabled in any of the configuration sections, the anti-spam scanning engine is initialized during the main scanning daemon start-up. During this process the appropriate anti-spam supporting modules are loaded from within the anti-spam cache directory.
  • Page 25: Samples Submission System

    In order to turn on the Samples Submission System, the samples submission system cache has to be initialized. This can be achieved by enabling the configuration option ‘samples_enabled’ in the [global] section of the ESETS configuration file. In order to enable the process of samples delivery to ESET virus laboratory servers it is also necessary to enable the parameter ‘samples_send_enabled’ in the same section.
  • Page 26: Remote Administration

    6.7. Remote Administration
    ESETS supports ESET Remote Administration for management in large computer networks. For more information, please read the Remote Administration Manual. ESETS Remote Administration Client is part of main ESETS daemon. For basic set up, specify the address of your ERA Server in ‘racl_server_addr’ parameter (and ‘racl_password’ if...
  • Page 27: Eset Mail Security System Update

    Chapter 7: ESET Mail Security system update...
  • Page 28: Esets Update Utility

    7.1. ESETS update utility
    In order to keep ESET Mail Security effective, it is necessary to keep its virus signatures database up to date. The esets_update utility has been developed for this purpose (see the esets_update(8) manual page for details). In order to launch an update one has to define the configuration options ‘av_update_username’ and ‘av_update_password’ in the [global] section of the ESETS configuration file.
  • Page 29: Let Us Know

    Chapter 8: Let us know...
  • Page 30: Eset Mail Security

    Dear user, this guide should have given you a good knowledge of ESET Mail Security installation, configuration and maintenance. However, writing documentation is a process that is never finished. There will always be some parts that can be explained better or are not even explained at all.
  • Page 31: Esets Setup Process Description

    Appendix A. ESETS setup process description...
  • Page 32: Setting Esets For Mta Postfix

    Postfix: content_filter = smtp:[127.0.0.1]:2526 Note: In case the ‘content_filter’ parameter already has a value, don’t follow these instructions. Instead, you have to insert esets_smtp (or another ESETS mail scanning module) before or after your current ‘content_filter’.
  • Page 33: Setting Esets For Mta Sendmail

    The last thing is to make Postfix accept mail on port 2525 and continue processing it. Add this entry to the Postfix master.cf file:
        localhost:2525 inet n - n - - smtpd
          -o content_filter=
          -o myhostname=esets.yourdomain.com
          -o local_recipient_maps=
          -o relay_recipient_maps=
          -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
          -o smtpd_helo_restrictions=
          -o smtpd_client_restrictions=
          -o smtpd_sender_restrictions=
          -o smtpd_recipient_restrictions=permit_mynetworks,reject...
  • Page 34: Bi-Directional E-Mail Messages Scanning

        #!/bin/sh
        exec qmail-local -- "$USER" "$HOME" "$LOCAL" "" "$EXT" \
          "$HOST" "$SENDER" "$1"
    which will make esets_mda call Qmail’s local delivery agent. Now create the file /var/qmail/bin/qmail-start.esets with this content and also run chmod a+x on it:
        #!/bin/sh
        A="$1"; shift
  • Page 35: Inbound E-Mail Messages Scanning

        exec qmail-start.orig "|@BINDIR@/esets_mda '$A'"' \
          -- --sender="$SENDER" --recipient="$RECIPIENT"' "$@"
    which will start Qmail using esets_mda for local deliveries. However, the original delivery specification is passed to qmail-local through esets_mda. Note that in this configuration esets_mda will use Qmail’s recognized exit codes (see qmail-command(8)). Lastly, replace qmail-start using the commands:
        mv /var/qmail/bin/qmail-start /var/qmail/bin/qmail-start.orig
        ln -s qmail-start.esets /var/qmail/bin/qmail-start...
  • Page 36: Inbound E-Mail Messages Scanning

        = pipe
        command = @BINDIR@/esets_mda -oi -oMr esets-scanned $local_part@$domain \
          -- --sender=$sender_address --recipient=$local_part@$domain
    which will send all not-yet-scanned mails for local users to esets_mda, which will inject them back to Exim for further processing. To reread the newly created configuration, restart Exim.
  • Page 37: Bi-Directional E-Mail Messages Scanning

    A.5.2. Bi-directional e-mail messages scanning
    The goal of this installation is to create an Exim transport from esets_mda for all mails. Perform all steps from the previous section, but omit this line in esets_router:
        domains = +local_domains
    A.6. Setting ESETS for MTA ZMailer
    A.6.1. Inbound e-mail messages scanning
    The goal of this installation is to use esets_mda as ZMailer’s local delivery agent. However, you need to have a real MDA installed, e.g.
  • Page 38: Setting Esets For Scanning Of Pop3 Communication

        -A INPUT -p tcp -i if0 --dport 110 -j REDIRECT 8110
    If the IP-filtering mechanism is provided by the iptables administration tool, the rule is:
        iptables -t nat -A PREROUTING -p tcp -i if0 \
          --dport 110 -j REDIRECT --to-ports 8110
    On FreeBSD, the rule is as follows:
  • Page 39: Setting Esets For Scanning Of Imap Communication

        ipfw add fwd 192.168.1.10,8110 tcp from any to any 110 via if0 in
    On NetBSD and Solaris:
        echo 'rdr if0 0.0.0.0/0 port 110 -> 192.168.1.10 \
          port 8110 tcp' | ipnat -f -
    A.9. Setting ESETS for scanning of IMAP communication
    The IMAP communication scanning is performed using the esets_imap daemon. In the [imap] section of the ESETS configuration file set these parameters:
        agent_enabled = yes
        listen_addr = "192.168.1.10"...
  • Page 41: Php License

    Appendix B. PHP License...
  • Page 42 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
