Bi-Directional Email Messages Scanning; Inbound Email Messages Scanning; Setting Esets For Mta Qmail - ESET MAIL SECURITY LINUX Installation Manual

A.2.2. Bi-directional email message scanning
The objective of this installation is to scan all mail in Sendmail using the esets_smfi filter. In
the [smfi] section of the ESETS configuration file, set the following parameters:
agent_enabled = yes
smfi_sock_path = "/var/run/esets_smfi.sock"
Restart the ESETS daemon. Then, add the lines below to the sendmail.mc file (or `hostname`.
mc on FreeBSD) before all MAILER definitions:
INPUT_MAIL_FILTER(`esets_smfi',
`S=local:/var/run/esets_smfi.sock, F=T, T=S:2m;R:2m;E:5m')dnl
With these settings, Sendmail will communicate with esets_smfi via unix socket /var/run/
esets_smfi.sock. Flag F=T will result in a temporary failed connection if the filter is unavailable.
S:2m defines a 2 minute timeout for sending information from MTA to the filter, R:2m defines a
2 minute timeout for reading replies from the filter and E:5m sets an overall 5 minute timeout
between sending end-of-message to the filter and waiting for final acknowledgment.
If the timeouts for the esets_smfi filter are too short, Sendmail can temporarily defer the
message to the queue and attempt to pass it through later. However, this may lead to continuous
deferral of the same messages. To avoid this problem, the timeouts should be set properly. You
can experiment with Sendmail's 'confMAX_MESSAGE_SIZE' parameter, which is the maximum
accepted message size in bytes. Taking into account this value and the approximate maximum
time for MTA to process a message of that size (this can be measured), you can determine the
most effective timeout settings for the esets_smfi filter.
Lastly, recreate sendmail.cf and restart Sendmail.
A.3. Setting ESETS for MTA Qmail
A.3.1. Inbound email message scanning
The objective of this installation is to insert esets_mda before Qmail's local delivery agent.
Assuming Qmail is installed in the /var/qmail directory, in the [mda] section of the ESETS
configuration file, set the following parameter:
mda_path = "/var/qmail/bin/qmail-esets_mda"
Restart the ESETS daemon. Create the file /var/qmail/bin/qmail-esets_mda with the following
content and run chmod a+x on it:
#!/bin/sh
exec qmail-local -- "$USER" "$HOME" "$LOCAL" "" "$EXT" \
"$HOST" "$SENDER" "$1"
This will cause esets_mda to call Qmail's local delivery agent. Next, create the file /var/qmail/
bin/qmail-start.esets with the following content and also run chmod a+x on it:
34 ESET Mail Security