Setting Esets For Outbound Email Message Scanning; Setting Esets For Scanning Of Pop3 Communication; Setting Esets For Scanning Of Imap Communication - ESET MAIL SECURITY - FOR LINUX BSD AND SOLARIS Installation Manual

smtp-policy is filtering all email according to your needs.

9.7 Setting ESETS for outbound email message scanning

Outbound email message scanning is performed using the esets_smtp daemon. In the [smtp] section of the ESETS
configuration file, set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.0"
listen_port = 2525
where 'listen_addr' is the address of the local network interface named if0. Then, restart the ESETS daemon. The
next step is to redirect all SMTP requests to esets_smtp. If IP-filtering is being performed by the ipchains administration
tool, an appropriate rule would be:
ipchains -A INPUT -p tcp -i if0 --dport 25 -j REDIRECT 2525
If IP-filtering is being performed by the iptables administration tool, the rule is:
iptables -t nat -A PREROUTING -p tcp -i if0 --dport 25 -j REDIRECT --to-ports 2525
On FreeBSD, the rule is as follows:
ipfw add fwd 192.168.1.10,2525 tcp from any to any 25 via if0 in
On NetBSD and Solaris:
echo 'rdr if0 0.0.0.0/0 port 25 -> 192.168.1.10 port 2525 tcp' | ipnat -f -
Warning: Your MTA may accept all connections without extensive checking from esets_smtp because those
connections are local. By using your own firewall rules, make sure you do not create an open relay, i.e., allow someone
from the outside to connect to esets_smtp and use it as a relay SMTP server.

9.8 Setting ESETS for scanning of POP3 communication

The POP3 communication scanning is performed using esets_pop3 daemon. In the [pop3] section of the ESETS
configuration file, set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8110
where 'listen_addr' is the address of the local network interface named if0. Then restart the ESETS daemon. The next
step is to redirect all POP3 requests to esets_pop3. If IP-filtering is being performed by the ipchains administration tool,
an appropriate rule is:
ipchains -A INPUT -p tcp -i if0 --dport 110 -j REDIRECT 8110
If IP-filtering is being performed by the iptables administration tool, the rule would be:
iptables -t nat -A PREROUTING -p tcp -i if0 --dport 110 -j REDIRECT --to-ports 8110
On FreeBSD, the rule is as follows:
ipfw add fwd 192.168.1.10,8110 tcp from any to any 110 via if0 in
On NetBSD and Solaris:
echo 'rdr if0 0.0.0.0/0 port 110 -> 192.168.1.10

9.9 Setting ESETS for scanning of IMAP communication

The IMAP communication scanning is performed using the esets_imap daemon. In the [imap] section of the ESETS
configuration file, set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8143
where 'listen_addr' is the address of the local network interface named if0. Then restart the ESETS daemon. The next
step is to redirect all IMAP requests to esets_imap. If IP-filtering is being performed by the ipchains administration tool
an appropriate rule would be:
28
port 8110 tcp' | ipnat -f -