1. Manuals
  2. Brands
  3. KAPERSKY Manuals
  4. Software
  5. ANTI-VIRUS 5.0 - FOR SAMBA SERVERS
  6. Administrator's manual

KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER Administrator's Manual

Hide thumbs Also See for ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Administrator's Manual, User Manual
K A S P E R S K Y L A B S
Kaspersky Anti-Virus
5.0 for Linux,
®
FreeBSD and OpenBSD Mail Servers
ADMINISTRATOR'S GUIDE

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER

Summary of Contents for KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER

  • Page 1 K A S P E R S K Y L A B S Kaspersky Anti-Virus 5.0 for Linux, ® FreeBSD and OpenBSD Mail Servers ADMINISTRATOR’S GUIDE...
  • Page 2 ® K A S P E R S K Y A N T I - V I R U S 5 . 0 F O R L I N U X , F R E E B S D A N D O P E N B S D M A I L S E R V E R S Administrator's guide ...

  • Page 3: Table Of Contents

    Contents ®TM CHAPTER 1. KASPERSKY ANTI-VIRUS FOR LINUX, FREEBSD, AND OPENBSD MAIL SERVERS ..................6 1.1. What’s new in version 5.0 ..................7 1.2. Licensing policy ..................... 8 1.3. Hardware and software requirements ..............9 1.4. Distribution kit ......................9 1.5.
  • Page 4 Kaspersky Anti-Virus for Unix Mail Servers 4.2. Installing / updating anti-virus database.............. 33 4.3. Setting up joint operation with Webmin .............. 33 4.4. Manual integration with mail systems..............35 4.4.1. Integration with the sendmail mail system ........... 35 4.4.2. Integration with the qmail mail system ............36 4.4.3.
  • Page 5 Contents 6.2. Setting antiviral protection of the server’s file systems........88 6.2.1. Scan area...................... 88 6.2.2. File check and disinfection mode..............89 6.2.3. Actions taken with the files ................90 6.3. Setting the operation of the aveserver process..........91 6.3.1. Aveserver reloading..................92 6.3.2.
  • Page 6 Kaspersky Anti-Virus for Unix Mail Servers C.1. Other Kaspersky Labs products............... 133 C.2. Contact us ......................136 APPENDIX D. INDEX ....................139 APPENDIX E. LICENSE AGREEMENT..............139...

  • Page 7: Chapter 1. Kaspersky Anti-Virus ®Tm For Linux, Freebsd, And Openbsd Mail Servers

    CHAPTER 1. KASPERSKY ANTI- VIRUS FOR LINUX, ® FREEBSD, AND OPENBSD MAIL SERVERS ® Kaspersky Anti-Virus for Linux, FreeBSD, and OpenBSD Mail Servers ® ® (hereinafter also referred to as Kaspersky Anti-Virus , Kaspersky Anti-Virus for Unix Mail Servers) is designed for anti-virus processing of mail traffic and file systems of servers running Linux, FreeBSD, or OpenBSD operating systems and using one of the following mail programs: sendmail, Postfix, qmail, Exim.

  • Page 8: What's New In Version 5.0

    Kaspersky Anti-Virus for Unix Mail Servers codes specific to particular viruses. If the file is infected, the program disinfects it. It should be kept in mind that new viruses appear daily, therefore we recommend updating the anti-virus database every day in order to maintain the product in up-to-date condition.

  • Page 9: Licensing Policy

    Kaspersky Anti-Virus for Unix Mail Servers It is now possible to use script files for processing of objects with different status (infected, corrupted etc.) An option has been added of automatic restarting of the program’s resident components after successful update of the anti-virus database. The product is distributed in the form of standard installation packages for the supported operating systems (rpm, deb).

  • Page 10: Hardware And Software Requirements

    Kaspersky Anti-Virus for Unix Mail Servers 1.3. Hardware and software requirements ® In order to function properly, Kaspersky Anti-Virus needs a system complying with the following requirements: Hardware requirements: Intel Pentium-class processor 32 Mb of RAM or more 100 Mb or more of hard disk space Software requirements: One of the following operating systems: Linux RedHat (version 7.3, 8.0 or 9.0), Linux SuSE (version...

  • Page 11: Help Desk For Registered Users

    Kaspersky Anti-Virus for Unix Mail Servers Administrator’s guide License key License agreement. Before you unseal the envelope containing the CD (or floppy disks), be sure to thoroughly review the license agreement. ® When purchasing Kaspersky Anti-Virus in the Web-shop you download the product from Kaspersky Lab’s website.

  • Page 12: Conventions

    Kaspersky Anti-Virus for Unix Mail Servers 1.6. Conventions In this book we use various conventions to emphasize different meaningful parts of the documentation. Convention Meaning Bold font Menu titles, commands, window titles, dialog elements, etc. Note. Additional information, notes Attention! Very important information To do this, Actions that must be taken...

  • Page 13: Chapter 2. Typical Patterns Of Product Deployment

    CHAPTER 2. TYPICAL PATTERNS OF PRODUCT DEPLOYMENT Depending on the initial architecture of the mail server, we offer several variants ® of deployment of Kaspersky Anti-Virus for Unix Mail Servers: On a single mail server with mail system. This variant is used when the server has an installed and adjusted mail system sendmail, qmail, Postfix or Exim (see section 2.2 on page 14).
  • Page 14 Kaspersky Anti-Virus for Unix Mail Servers ® It should be noted that Kaspersky Anti-Virus is only developed to filter mail against viruses and does not constitute a mail agent capable of receiving and routing mail traffic. This is carried out by a mail system installed on the server with which the anti-virus program is integrated after installation.

  • Page 15: Operation On The Same Server As Mail System

    Typical patterns of product deployment The Internet SMTP SMTP sendmail A smtpscanner sendmail B LMTP SMTP aveserver queue queue Anti-virus database Kaspersky Anti-Virus Mail server Figure 1. Internal architecture of ® Kaspersky Anti-Virus for Unix Mail Servers 2.2. Operation on the same server as mail system ®...
  • Page 16 Kaspersky Anti-Virus for Unix Mail Servers This variant is recommended in case of average specific load of the mail server. ® Let us take a detailed look at the operation of Kaspersky Anti-Virus on the same server as any of the above mentioned mail systems (see Figure 2). The sequence of processing incoming and outgoing mail is identical, and consists of the following stages: The stream of mail messages comes in from other servers or from the...

  • Page 17: Operation As The Secondary Filter

    Typical patterns of product deployment 2.3. Operation as the secondary filter ® Kaspersky Anti-Virus can be used as either a primary or a secondary filter. If ® your mail server had a mail traffic filter when Kaspersky Anti-Virus was installed, ®...

  • Page 18: Operation On A Dedicated Server

    Kaspersky Anti-Virus for Unix Mail Servers Number of the port through which the filter works: 25. Host name for mail sending: mx2.yourhost.domain:10026 Secondary filter (MX2) settings: Name of the host where the filter is installed: mx2.yourhost.domain The filter’s IP address: 127.0.0.1 Number of the port, through which the filter works: 10026 Host name the mail is received from: mx1.yourhost.domain...
  • Page 19 Typical patterns of product deployment Server running UNIX system SMTP on SMTP on port 25, port 25, Anti-virus filter (MX2) incoming traffic outgoing traffic SMTP The Internet Intranet Mail system SMTP, SMTP/MAPI/ (routing) outgoing traffic POP3/IMAP, incoming traffic Server running Windows ®...

  • Page 20: Filtering Mail Received From External Mailboxes

    Kaspersky Anti-Virus for Unix Mail Servers 2.5. Filtering mail received from external mailboxes Nowadays, external mailboxes on servers like www.mail.ru, www.aport.ru, www.hotmail.com etc. are widely used. How can infection be prevented when downloading infected messages from such mailboxes? In fact, this mail is delivered via the POP3 protocol, while Kaspersky ®...
  • Page 21 Typical patterns of product deployment pass12345 and pass123452 are passwords for mail accounts remote_user and remote_user2. With these settings, the fetchmail program will collect mail messages from the hosts mail.that.is.free.ru and mail2.that.is.free.ru and send them to the local SMTP for the user. No fields (from, to or any other) will be altered in the messages, only one more header received will be added by fetchmail.

  • Page 22: Chapter 3. Installing Kaspersky Anti-Virus

    CHAPTER 3. INSTALLING KASPERSKY ANTI-VIRUS ® ® Before you begin to install Kaspersky Anti-Virus for Unix Mail Servers, please prepare your system as follows: Make sure your system meets the hardware and software requirements of ® Kaspersky Anti-Virus (see section 1.3 on page 9). If some of the applications, such as Wget, are not installed we recommend installing them, otherwise some product functions will be unavailable.

  • Page 23: Starting The Installation Procedure

    Installing Kaspersky Anti-Virus No earlier version is detected - installer proceeds to installation of the product on the server ® Earlier version of Kaspersky Anti-Virus detected: Backup copy of the detected distribution package is created and the new version is installed. Update to version 5.0.

  • Page 24: Previous Version Search

    Kaspersky Anti-Virus for Unix Mail Servers ® In order to start the installation of Kaspersky Anti-Virus from the deb- package, type the following in the command line: dpkg –i <distribution_file_name> 3.1.2. Previous version search Immediately after launching the installation, the system is inspected for the ®...

  • Page 25: Updating To Version 5.0

    Installing Kaspersky Anti-Virus Enter absolute path to file without .tgz extension [/tmp/oldkav]. If the file suggested by default already exists, a message will be output to the console with a query about whether to overwrite it or not. If you do not want to use the default file name, you will have to enter the full path to the archive file without the extension.

  • Page 26: Copying The Distribution Files

    Kaspersky Anti-Virus for Unix Mail Servers As to the components in charge for file system scanning, these can function independently. However, the component responsible for scanning the mail traffic (smtpscanner) is integrated with the mail system. The integration process is identical for both the new and the previous versions, therefore it can only be done for one of them.

  • Page 27: Integration With The Mail System

    Installing Kaspersky Anti-Virus is not installed on your server, the remote administration module of Kaspersky ® Anti-Virus will not be installed. However, all the files required for its installation ® are stored in the archive of Kaspersky Anti-Virus distribution package, so you can add the Webmin module later using the tools provided by this package (for details refer to the documentation supplied with the Webmin program).

  • Page 28: Installing / Updating The Anti-Virus Database

    Kaspersky Anti-Virus for Unix Mail Servers If a license key is detected that is not suitable for this product (for example, a key ® for Kaspersky Anti-Virus for Unix File Servers), then after installation the program will only scan the server file system. 3.1.6.

  • Page 29: Installation Report

    Installing Kaspersky Anti-Virus aveserver Socket file to be used with the component. The directory containing temporary files. Other parameters are set by default (see section 4.1 on page 31). However, the administrator will have to adjust some settings to begin working with Kaspersky ®...

  • Page 30: Installing The Program On A Server Running Linux

    Kaspersky Anti-Virus for Unix Mail Servers 3.2. Installing the program on a server running Linux For Linux RedHat and Linux SuSE operating system distribution packages, ® Kaspersky Anti-Virus for Unix Mail Servers contains an rpm-package. ® To start the installation of Kaspersky Anti-Virus from the rpm-package, type the following in the command line: rpm –i <distribution_file_name>...

  • Page 31: Installing The Program On A Server Running Freebsd Or Openbsd

    Installing Kaspersky Anti-Virus 3.3. Installing the program on a server running FreeBSD or OpenBSD For servers running the FreeBSD or OpenBSD operating systems the distribution ® package of Kaspersky Anti-Virus is supplied in a tgz-package. ® To start the installation of Kaspersky Anti-Virus from the tgz-package, type the following in the command line: pkg_add <package_name>...

  • Page 32: Chapter 4. Post-Installation Settings

    CHAPTER 4. POST-INSTALLATION SETTINGS ® During installation, the system onto which you install Kaspersky Anti-Virus analyzed and some of its configuration parameters are set automatically. A number of parameters of the configuration file are set by default as the most suitable for the operation of the anti-virus program (see section 4.1 on page 31).
  • Page 33 Post-installation settings You can create your own configuration files and use them for running current tasks or as default configuration files. Below is a detailed explanation of the parameters set in this file by default. Based on the information provided in this chapter you will be able to find out if ®...

  • Page 34: Installing / Updating Anti-Virus Database

    Kaspersky Anti-Virus for Unix Mail Servers All notifications regarding mail message scanning, their disinfection, and other operations concerned with mail (deletion, placing under quarantine etc.) are by default sent from the address MAILER- DAEMON@localhost. If, in the process of anti-virus scanning of mail traffic, any suspicious, corrupted, or password-protected files are detected, as well as mail messages that fail to be scanned, they are deleted.
  • Page 35 Post-installation settings Hereinafter, when describing Webmin bookmarks that contain operating ® parameters of Kaspersky Anti-Virus we shall provide the path to every bookmark. The path will be given before the picture of the bookmark in the following format: Other (Webmin menu item) KAV for Mail Servers window or bookmark name...

  • Page 36: Manual Integration With Mail Systems

    Kaspersky Anti-Virus for Unix Mail Servers 4.4. Manual integration with mail systems The process of integrating consists of three stages: Editing the mail system configuration for joint operation with the anti-virus program. ® Adjusting Kaspersky Anti-Virus configuration for joint operation with the mail system.

  • Page 37: Integration With The Qmail Mail System

    Post-installation settings ® Configure Kaspersky Anti-Virus as required (see section 4.4.5 on page 39 Add the following two processes to the start-up scripts: /usr/sbin/sendmail –bd –q10m –C /etc/mail/sendmail.cf.listen /usr/sbin/sendmail –q10m –C /etc/mail/sendmail.cf If you use sendmail version 8.12 or higher in configuration with submit.cf, add these three processes to the start-up scripts: /usr/sbin/sendmail –bd –q10m –C /etc/mail/sendmail.cf.listen...

  • Page 38: Integration With The Postfix Mail System

    Kaspersky Anti-Virus for Unix Mail Servers ® Configure Kaspersky Anti-Virus as required (see section 4.4.5 on page 39 Restart the mail system. 4.4.3. Integration with the Postfix mail system ® In order to integrate Kaspersky Anti-Virus with the Postfix mail system: Check the version number of your Postfix mail system.

  • Page 39: Integration With The Exim Mail System

    Post-installation settings ® Configure Kaspersky Anti-Virus as required (see section 4.4.5 on page 39 Restart the mail system. 4.4.4. Integration with the Exim mail system ® In order to integrate Kaspersky Anti-Virus with the Exim mail system: Copy configuration file, (for example exim.conf)

  • Page 40: Configuring Kaspersky Anti-Virus ® For Integration With The Mail System

    Kaspersky Anti-Virus for Unix Mail Servers 4.4.5. Configuring Kaspersky Anti-Virus ® integration with the mail system ® Another essential part of integrating Kaspersky Anti-Virus with mail systems is configuring the anti-virus program itself. You can do this either directly in the program’s configuration file or remotely using the Webmin package.
  • Page 41 Post-installation settings For Exim: ForwardMailer=smtp:(exim -bs -C/etc/exim/exim.conf) For the group of users specify the following in the section [smtpscan.group:default] of the configuration file: AdminAddress=admin@yourhostname.ru AdminNotify=yes In the [smtpscan.limits] section set the time-out (in seconds) for the aveserver process to execute an operation. For example: MaxCheckTime=60 Make similar settings on the Config edit tab of the Webmin program...
  • Page 42 Kaspersky Anti-Virus for Unix Mail Servers On the Core settings tab (see Figure 7) of the Webmin program set the values for the following parameters: Forward mailer – mail system identifiers used to send messages to senders, recipients and group administrators: For sendmail: smtp:( /usr/sbin/sendmail –bs –C /etc/mail/sendmail.cf)

  • Page 43: Creating A List Of Protected Users

    Post-installation settings Other KAV for Mail Servers AV Mail Check Groups Group +Properties Main settings Figure 8. Main settings tab 4.5. Creating a list of protected users ® The protected users list defines the users of Kaspersky Anti-Virus and is closely related to the type of licensing of the product you have purchased.
  • Page 44 Kaspersky Anti-Virus for Unix Mail Servers You can check the number of users covered by the license in the key file either using the licenseviewer component or remotely using the Webmin program (see section 5.4.1 on page 74)! If the license of the product you have purchased is based on THE MAIL TRAFFIC then the list of protected users is ignored.
  • Page 45 Post-installation settings ® Remote filling of the list of Kaspersky Anti-Virus for Unix Mail Servers licensed users can be done on the User list tab (see Figure 10). Other KAV for Mail Servers AV Mail Check User List Figure 10. User list tab...

  • Page 46: Chapter 5. Working With Kaspersky Anti-Virus

    CHAPTER 5. WORKING WITH KASPERSKY ANTI-VIRUS ® ® With Kaspersky Anti-Virus you can organize complete antiviral protection of your server from a file stored on the server for incoming and outgoing mail traffic, including mail collected from external mailboxes. The product’s functionality lies in the tasks that the administrator can solve with ®...

  • Page 47: Scheduling Anti-Virus Database Updating Using Cron

    Working with Kaspersky Anti-Virus ftp://downloads1.kaspersky-labs.com/updates/ and other servers. The addresses that can be used to download updates are listed in the file servers.lst included in the distribution package. This file has a simple format: each update server is written on a new line that ends with the line feed symbol. Update servers may be either http://, or ftp://, or a full Unix path (in this case the database is updated from the directory).
  • Page 48 Kaspersky Anti-Virus for Unix Mail Servers The solution: in order to accomplish the above objective, do the following: Make the following settings on the Kasperksy Anti-Virus KeepUp2Date tab of the program (see Figure 11): Keep silent – Do not display information regarding program operation.

  • Page 49: One-Time Update Of The Anti-Virus Database

    Working with Kaspersky Anti-Virus Other KAV for Mail Servers KeepUp2Date ® Figure 11. Kaspersky Anti-Virus KeepUp2Date tab Edit the file that sets the rules of the cron process operation crontab –e Input the following line: 0 7 * * * /opt/kav/bin/kavupdater 5.1.2.
  • Page 50 Kaspersky Anti-Virus for Unix Mail Servers The object: to organize anti-virus database updating from the network directory /home/bases. If this directory is unavailable or empty, then update the database. Output the results of the work to a report file. The solution: in order to reach the above objective do the following: Edit the file /etc/kav/5.0/servers.lst, which contains the list of update servers, place the network directory /home/base, (where the database is stored) into the first position.

  • Page 51: Antiviral Protection Of The Server's Mail Traffic

    Working with Kaspersky Anti-Virus Edit the file /etc/kav/5.0/servers.lst, which contains the list of update servers, place the network directory /home/bases (where the database is stored) in the first position. Turn random selection of update servers off by setting RandomServerOrder=no in configuration file. In the command line type: kavupdater –s /etc/kav/5.0/server2.lst –o /tmp/report.txt...
  • Page 52 Kaspersky Anti-Virus for Unix Mail Servers The object: Scan the entire mail traffic of the server for viruses and clean all infected messages. Delete infected messages that fail to be cleaned. Deliver disinfected messages to the recipients. Notify senders, recipients, and administrators about disinfected, deleted, suspicious, and corrupted messages, as well as about messages that fail to be checked.
  • Page 53 Working with Kaspersky Anti-Virus open (see Figure 14) and on the appropriate tab (see Figure 8) make the following settings: Check this group – Scan mail messages of the users in this group. Group administrator address – Group administrator’s address (alias). In the sections Sender mask and Recipient mask specify e- mail addresses or address masks of those senders and recipients whose mail messages are to be processed according...
  • Page 54 Kaspersky Anti-Virus for Unix Mail Servers Check all the object types in the Sender rules / Notify column. Set the following rules for user notification in the User rules column: Place checkmarks against every object in the Notify column. In the Attach report column check the Cured object type and uncheck all the other types.
  • Page 55 Working with Kaspersky Anti-Virus If the Report file name input field is left blank, the results will be saved in the system log. Report file permission – Report file access rights. Set, for example, 060 in the input field. ReportOK – Whether to include in the log information regarding clean objects.

  • Page 56: Delivery Of Infected Messages

    Kaspersky Anti-Virus for Unix Mail Servers 5.2.2. Delivery of infected messages Situations are possible when all messages must be delivered to a certain user group, including infected ones. The object: Scan all mail traffic for viruses. Clean any infected messages for all users except for those included in the urgent group.
  • Page 57 Working with Kaspersky Anti-Virus Create a group and set its mode of message disinfection. To do so, select the group of options Main settings on the group options tab (see Figure 14) and on the appropriate tab (see Figure 8) make the following settings: Check this group –...
  • Page 58 Kaspersky Anti-Virus for Unix Mail Servers Check=yes QuarantinePath=/var/db/Quarantine Quarantine=yes InfectedQuarantine=yes SuspiciousQuarantine=yes CorruptedQuarantine=yes ErrorQuarantine=yes ProtectedQuarantine=yes AdminAddress=admin@localhost.ru AdminNotify=yes AdminAction=unchanged SenderNotify=yes RecipientNotify=yes RecipientAttachReport=no RecipientAction=remove CuredRecipientNotify=yes CuredRecipientAttachReport=yes CuredRecipientAction=cured Set the [smtpscan.group:urgent] group configuration in the following way: [smtpscan.group:urgent] Check=yes AdminAddress=admin@localhost.ru AdminNotify=yes AdminAction=unchanged SenderNotify=yes RecipientNotify=yes RecipientAttachReport=yes RecipientAction=unchanged...

  • Page 59: Blocking Message Delivery To The Recipients

    Working with Kaspersky Anti-Virus 5.2.3. Blocking message delivery to the recipients Usually, the administrator has to block the delivery of some messages. Consider the following situation for example: a mail message is suspected of being infected by a virus, but it contains important data that must be preserved. These data can get lost during disinfection.

  • Page 60: Complementary Filtration Of Messages By Attachment Types

    Kaspersky Anti-Virus for Unix Mail Servers [smtpscan.group:default] Check=yes QuarantinePath=/var/db/Quarantine Quarantine=yes InfectedQuarantine=yes SuspiciousQuarantine=yes CorruptedQuarantine=yes ErrorQuarantine=yes ProtectedQuarantine=yes AdminAddress=admin@localhost.ru AdminNotify=yes AdminAction=unchanged SenderNotify=yes RecipientNotify=yes RecipientAttachReport=no RecipientAction=remove CuredRecipientNotify=yes CuredRecipientAttachReport=yes CuredRecipientAction=cured 5.2.4. Complementary filtration of messages by attachment types Quite often, mail messages have attached files that have a good chance of containing a virus (e.g.
  • Page 61 Working with Kaspersky Anti-Virus The object: For the users group: Scan the group’s mail messages for viruses. Filter mail by attached exe-files. Quarantine separated files in a special directory. Clean any infected mail messages. If the attempt to disinfect an object fails, delete it from the message, but deliver it unchanged to the group administrator.
  • Page 62 Kaspersky Anti-Virus for Unix Mail Servers Figure 14) and on the appropriate tab (see Figure 8) make the following settings: Check this group – Scan mail messages sent and received by the users of this group. Group administrator address – Group administrator’s address (alias).
  • Page 63 Working with Kaspersky Anti-Virus Set up actions for the objects and notification rules. To do so, select the group of settings Notify rules on the group options tab (see Figure 14) and on the appropriate tab (see Figure 15) make the following settings: Only check the object type Filtered in the Quarantine column.
  • Page 64 Kaspersky Anti-Virus for Unix Mail Servers Check=yes QuarantinePath=/var/db/Quarantine Quarantine=yes AdminAddress=admin@localhost.ru AdminNotify=yes AdminAction=unchanged SenderNotify=yes RecipientNotify=yes RecipientAttachReport=no RecipientAction=remove FilterName="*.exe" FilteredQuarantine=yes FilteredRecipientNotify=yes CuredRecipientNotify=yes CuredRecipientAttachReport=yes CuredRecipientAction=cured Make following configuration settings group [smtpscan.group:default]: Check=yes QuarantinePath=/var/db/Quarantine Quarantine=yes InfectedQuarantine=yes SuspiciousQuarantine=yes CorruptedQuarantine=yes ErrorQuarantine=yes AdminAddress=admin2@localhost.ru AdminNotify=yes AdminAction=unchanged...

  • Page 65: Setting Traffic-Based License Expiration Notifications

    Working with Kaspersky Anti-Virus SenderNotify=yes RecipientNotify=yes RecipientAttachReport=no RecipientAction=remove ProtectedRecipientNotify=yes ProtectedRecipientAttachReport=yes ProtectedRecipientAction=unchanged CuredRecipientNotify=yes CuredRecipientAttachReport=yes CuredRecipientAction=cured 5.2.5. Setting traffic-based license expiration notifications ® We advise that you also setup the notification regarding Kaspersky Anti-Virus license expiration. This notification will be sent to the server administrator (by default the administrator’s address is: postmaster@localhost).
  • Page 66 Kaspersky Anti-Virus for Unix Mail Servers LicenseWarningNotifyAddress=admin@localhost.ru LicenseWarningNotifySize=900 On the Core settings tab (see Figure 7) of the Webmin program set the values for the following parameters: Type – License type for the purchased product. Select traffic in the drop-down list. Notify size –...

  • Page 67: Antiviral Protection Of File Systems

    Working with Kaspersky Anti-Virus 5.3. Antiviral protection of file systems Antiviral protection of the server's file systems is carried out by the kavscanner component, which scans the files stored on the server for viruses, and processes infected and suspicious files according to the settings. The object processing can be of an exceptionally informational nature (outputting the information to the log and to the server’s console, administrator notification) or can result in object changing (disinfection, quarantine, or deletion).

  • Page 68: Scheduled Daily Directory Scan

    Kaspersky Anti-Virus for Unix Mail Servers The object: launch recursive scanning of the /tmp directory with automatic cleaning of all infected objects that are detected. Heuristic code analyzer shall not be used. All objects that fail to be disinfected are to be deleted. Create the files infected.lst, suspicion.lst, corrupted.lst, and warning.lst in the same directory and use them to save the names of all the infected, corrupted, or suspicious objects, respectively.

  • Page 69: Moving Objects To A Separate Directory (Quarantine)

    Working with Kaspersky Anti-Virus 5.3.3. Moving objects to a separate directory (quarantine) ® You can set up Kaspersky Anti-Virus so that it will move all infected objects on the server’s file system to a special directory. Such an approach can be used, for example, if during the antiviral scanning of a directory an infected file is found that contains important data.

  • Page 70: Advanced Options: Using Script Files

    Kaspersky Anti-Virus for Unix Mail Servers For actions to be applied to infected objects, include the following line in the sections [object] and [container] of the configuration file: OnInfected=movePath /tmp/infected Disable disinfection mode (Cure=no) if it was enabled. In the command line type: #kavscanner –@/tmp/download.lst –ePASBME –rq –i0 -o /tmp/report.log –j3 –mCn Now we shall make the task more complex by setting a requirement of limiting...

  • Page 71: Cleaning Infected Objects In Archives

    Working with Kaspersky Anti-Virus 5.3.4.1. Cleaning infected objects in archives ® Kaspersky Anti-Virus does not disinfect archived files; it only detects suspicious and infected objects in archives. However, such an option can be implemented using a supplementary script file. The present document gives an example of how to disinfect tar and zip archives using the script file vox.sh (see section A.5 ®...
  • Page 72 Kaspersky Anti-Virus for Unix Mail Servers Other KAV for Mail Servers AV File Check ® Figure 18. Kaspersky Anti-Virus On-Demand Scanner tab Other KAV for Mail Servers AV Run+Start Figure 19. Scan area definition tab...

  • Page 73: Sending Notifications To The Administrator

    Working with Kaspersky Anti-Virus Create an alternative file kavscanner.conf.in. In the [container] section of this file set the following line as the infected objects processing rule: OnInfected=exec /tmp/kavscanner/test/vox.sh %FULLPATH%/%FILENAME% In the command line type: # kavscanner –c kavscanner.conf.in –ePASE –qR –o /tmp/logfile.log –j3 –pi /tmp/infected_archive.lst / 5.3.4.2.

  • Page 74: License Key Management

    Kaspersky Anti-Virus for Unix Mail Servers Set the actions to be applied to infected component objects. To do so enter the line provided below in the On infected parameter input field in the section Object action on the Kasperksy Anti-Virus Scanner tab of the Webmin program (see Figure 18): exec echo %FULLPATH%/%FILENAME% is infected by %VIRUSNAME% | mail -s kavscanner...

  • Page 75: Viewing The License Key Information

    Working with Kaspersky Anti-Virus 5.4.1. Viewing the license key information You can view the information about the installed license keys in the work reports of kavscanner, kavupdater, and aveserver components.Starting each of these components loads the key information. ® In addition, Kaspersky Anti-Virus contains a special component licenseviewer, which not only enables you to view complete information about the keys, but also provides analytical data.
  • Page 76 Kaspersky Anti-Virus for Unix Mail Servers Other KAV for Mail Servers Key Info Figure 20. License information In the command line type: licenseviewer –s The following information will be output to the server’s console or to the ® Kaspersky Anti-Virus license info tab: Kaspersky license viewer Version 5.0 Copyright (C) Kaspersky Lab.
  • Page 77 Working with Kaspersky Anti-Virus licenseviewer –k 0003D3EA.key The following information will be output to the console: Kaspersky license viewer Version 5.0 Copyright (C) Kaspersky Lab. 1998-2003. Serial 0038-000419-0003D3EA, "Kaspersky Anti-Virus for Personal Linux", expires 04-07-2003 in 28 days In order to view information regarding licensed mail traffic or the number of protected users: ®...
  • Page 78 Kaspersky Anti-Virus for Unix Mail Servers Other KAV for Mail Servers Key Info Figure 21. Key information ® For Kaspersky Anti-Virus licensed by NUMBER OF USERS we offer an additional option to check at any moment whether a user is protected, i.e. if his or her incoming and outgoing messages are subject to anti-virus processing.

  • Page 79: Renewing The License

    Working with Kaspersky Anti-Virus 5.4.2. Renewing the license ® Renewal of the license for Kaspersky Anti-Virus will give you the right to re- enable the product’s full functionality, including anti-virus database updating. In addition, it will recommence the extra services listed in section 5.3.4 on page 69. The license term depends on the license type that you selected when you purchased the product.

  • Page 80: Chapter 6. Advanced Settings

    CHAPTER 6. ADVANCED SETTINGS ® In this section we shall consider advanced settings of Kaspersky Anti-Virus functions. Unlike the required settings (see Chapter 4 on page 31), without which the product cannot be used, advanced settings are made as administrator’s options.
  • Page 81 Advanced settings 1. The program checks if the message addresses belong to the groups defined by the administrator. If the message addresses belong to any user address group, then this message will be processed according to the rules set by the parameters of this group.

  • Page 82: Forming User Groups

    Kaspersky Anti-Virus for Unix Mail Servers 6.1.1. Forming user groups ® By default, the configuration file of Kaspersky Anti-Virus has the group [smtpscan.group:default], which is true for all the server’s senders and recipients. It contains the following mail message processing rules: Check all the messages.

  • Page 83: Message Check And Disinfection Mode

    Advanced settings Create a new group urgent on the Groups list tab of the Webmin program (see Figure 10). Select the name of the group you have just created in the list of user groups and click the Properties button. 2.

  • Page 84: Actions Taken With Mail Messages

    Kaspersky Anti-Virus for Unix Mail Servers On the Notify list tab (see Figure 15) place at least one check mark for the Cured object type or select the required value in the drop-down list in the Action column. 6.1.3. Actions taken with mail messages The following two factors determine what actions shall be taken with mail messages: Object status assigned after scanning (see section 6.2.2 on page 89).
  • Page 85 Advanced settings In the columns Administrator rules/ Action and User rules/ Action on the Notify list tab (see Figure 15) of the Webmin program select one value for all objects. If you want to set individual actions for different types of objects: Specify respective actions...

  • Page 86: Notifying Senders, Recipients, And Administrators

    Kaspersky Anti-Virus for Unix Mail Servers 6.1.4. Notifying senders, recipients, and administrators ® Kaspersky Anti-Virus allows the user to set up notifications (including their send mode, generation parameters, and the text) for mail message senders, recipients and group administrators regarding objects of any possible status (suspicious, infected, cleaned, corrupted etc.) The sending of notifications is governed by the following configuration parameters: RecipientNotify –...
  • Page 87 Advanced settings If you wish to edit the text of the notification you can either: Edit the text of the template supplied with the program, or, Create a new template file and specify the full path to it as the value of the Template parameter in the section [smtpscan.notify].
  • Page 88 Kaspersky Anti-Virus for Unix Mail Servers Other KAV for Mail Servers Notify Figure 23. Notification list In order to edit the parameters of the notification: Select in the notification list and click the Edit button. In the next window (see Figure 24) set the required parameters and edit the notification text, if necessary.

  • Page 89: Setting Antiviral Protection Of The Server's File Systems

    Advanced settings The notification of which you have changed the parameters will be marked by the symbol (+) next to its name in the list. 6.2. Setting antiviral protection of the server’s file systems All the parameters of the antiviral protection of the server’s file systems can be divided into groups that set: Scan area (see section 6.2.1 on page 88).

  • Page 90: File Check And Disinfection Mode

    Kaspersky Anti-Virus for Unix Mail Servers If in the command line both the scan path and the text file with the list of objects are specified, then the program will scan the area specified in the file. The path provided in the command line will be ignored.

  • Page 91: Actions Taken With The Files

    Advanced settings Corrupted – The file is corrupted. Protected – The file is password-protected. With the disinfection mode enabled (section [scanner.options], parameter Cure=yes) only those files that have the status Infected are sent for anti-virus processing. After cleaning the file it is assigned one of the following statuses: Cured –...

  • Page 92: Setting The Operation Of The Aveserver Process

    Kaspersky Anti-Virus for Unix Mail Servers Actions taken to self-extracting archives are ambiguous. If the archive itself is infected, it is treated as a simple object, but if the objects inside it are infected then it is considered a compound object. Accordingly, actions that are taken to the archive in these cases are defined by the parameters set in different sections of the configuration file! You can use the following methods to select an action for a file:...

  • Page 93: Aveserver Reloading

    Advanced settings Detach from terminal – The process is disconnected from the terminal immediately after startup. This mode should be enabled, since system boot will not proceed until the process disconnects. The mode is enabled by default (value is yes). The mode should only be disabled (value no) when the process is controlled by a program such as SVC.

  • Page 94: Forced Ending Of The Aveserver Operation

    Kaspersky Anti-Virus for Unix Mail Servers database or, if the path to the file is set incorrectly, terminates and leaves the respective message in the report. All the active connections of the process with client programs remain active until they are closed. Such reloading of the aveserver process is necessary, for example, after editing the configuration file or adding a new license key.

  • Page 95: Parameters Of Kaspersky Anti-Virus ® Report Generation

    Advanced settings 6.5. Parameters of Kaspersky Anti- Virus report generation ® ® The results of all Kaspersky Anti-Virus components operations are logged in a report that is output to a file. The results of antiviral processing of the server’s file system are also output to the console.

  • Page 96: Format Of Messages About Scanning

    Kaspersky Anti-Virus for Unix Mail Servers Level name in Levels Value Webmin Debug All debugging information, e.g. configuration file contents. Information regarding fatal errors in component operation is output regardless of the set level of detail. The optimal level of detail is 3, which is set by default. The general format used to output information according to any of the above levels of detail is as follows: [date time level_of_detail] STRING...
  • Page 97 Advanced settings "file_name" result [virus_name] Short message format (ShowObjectResultOnly=yes): "file_name" result where: virus_name is the name of the virus for the events CURED, INFECTED, CUREFAILED, WARNING and SUSPICION. For other events this field is left blank. result – The status assigned to the file after scanning and disinfection.

  • Page 98: The Format Of Other Messages

    Kaspersky Anti-Virus for Unix Mail Servers Event/Result Value SUSPICION The file is suspected of being infected by an unknown virus. ERROR The file cannot be checked due to an error (e.g. if a corrupted archive was processed) PROTECTED The file cannot be checked because it is encrypted. CORRUPTED The file is corrupted.

  • Page 99: The Format Of Messages Output To The Console

    Advanced settings Error messages: Error: error_text. 6.5.3. The format of messages output to the console Messages are output to the console by the components kavscanner and kavupdater. The output of the information by the kavscanner component to the console is governed by the presence of the –q key in the command line when launching the component.

  • Page 100: Chapter 7. Questions And Answers

    CHAPTER 7. QUESTIONS AND ANSWERS This chapter contains FAQs about installation, setting up, and use of Kaspersky ® Anti-Virus Question: Does the program support X architecture processors (PowerPC, SPARC, Alpha, PA-RISC etc.)? These processors are not supported in the current version of the software product.
  • Page 101 Questions and answers Question: Why do I need the key file? Will my copy of the anti-virus program work without it? ® No, Kaspersky Anti-Virus does not work without a license key. If you are still deciding whether or not to purchase Kaspersky Anti- ®...

  • Page 102: Users List

    Kaspersky Anti-Virus for Unix Mail Servers Such a problem may appear in the following cases: Your DNS has no localhost domain, which is required by RFC 2606. Configure your DNS as the RFC advises. For more detailed information please refer this page: http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2606.html...
  • Page 103 Questions and answers about your problem. They only can help after fully understanding and reproducing it. Send the following data to the Technical support service (pack them in one archive before sending): All the configuration files of your mail agent (MTA) Files from the directory /etc/kav/ Mail system report file anti-virus...
  • Page 104 Kaspersky Anti-Virus for Unix Mail Servers Question: Is it possible for an intruder to replace the anti-virus database? An intruder can download the database from Kaspersky Lab’s website and copy it to the anti-virus database storage directory, but Kaspersky ® Anti-Virus will not use them in its work! Every anti-virus database has a unique signature checked by Kaspersky...

  • Page 105: Chapter 8. Uninstalling Kaspersky Anti-Virus

    CHAPTER 8. UNINSTALLING KASPERSKY ANTI-VIRUS ® ® To uninstall Kaspersky Anti-Virus for Unix the following is required: Superuser rights (root or any other user with UID=0). If you do not have such rights when you wish to uninstall the program, you will have to log on as the root user.

  • Page 106: Appendix A. Supplementary Information About The Product

    APPENDIX A. SUPPLEMENTARY INFORMATION ABOUT THE PRODUCT ® This annex includes a description of the directory tree of Kaspersky Anti-Virus distribution after installation, a description of the configuration file, and command line keys for every component and their return codes. Configuration files of mail systems and a script file for virus removal are provided as examples.

  • Page 107: Kaspersky Anti-Virus ® Configuration File

    Appendix A /opt/kav/man/ – The directory with man-files. /var/db/kav/5.0/kav4mailservers/bases – The directory where the anti-virus database is stored. /var/db/kav/5.0/kav4mailservers/bases.backup – The directory where the anti- virus database is stored that was current before the last update. /var/db/kav/5.0/kav4mailservers/keys – The directory where the license keys are stored.
  • Page 108 Kaspersky Anti-Virus for Unix Mail Servers The [locale] section contains parameters that define the text used to replace the %VIRUSNAME% macro in mail notifications, as well as the formats of date and time: PasswordMessage=password protected – The text used to replace the macro %VIRUSNAME% in mail notifications regarding password- protected objects.
  • Page 109 Appendix A Packed=yes – Packed files scanning mode. To disable scanning of packed files set the parameter to no. Archives=yes – Archive scanning mode. To disable scanning of archives set the parameter to no. SelfExtArchives=yes – Self-extractive archives scanning mode. To disable the mode set the parameter to no.
  • Page 110 Kaspersky Anti-Virus for Unix Mail Servers exec <parameter> – Take an action defined by the value of the <parameter>. When generating the additional parameter of the exec action the following macros can be used: %FULLPATH% – Full path to the file. %VIRUSNAME% –...
  • Page 111 Appendix A Append=yes – The mode in which new messages are added to the existing report file. To disable the mode set the parameter to no. ReportLevel=10 – Level of detail of the report. ShowOK=yes – Mode in which messages regarding uninfected files are included in the report.
  • Page 112 Kaspersky Anti-Virus for Unix Mail Servers background mode only after loading the anti-virus database and the license keys to the memory. LocalSocketPermissions=0666 – Octonary code of access permission to the socket file. The [aveserver.report] section contains parameters of the aveserver component work report generation: ReportFileName=/tmp/aveserver.log –...
  • Page 113 Appendix A ® The [smtpscan.license] section contains parameters of Kaspersky Anti-Virus licensing: ® LicenseType – The type of Kaspersky Anti-Virus licensing. The parameter is defined during installation and can take one of two values: traffic or users. on reaching LicenseWarningNotifySize – Critical amount of mail traffic which a notification regarding license expiration will be sent.
  • Page 114 Kaspersky Anti-Virus for Unix Mail Servers The [smtpscan.notify] section contains parameters of notification common for senders, recipients, and administrators, as well as for objects of any status: Template=/etc/kav/5.0/template_notify_main – The name of the file with the notification template. Notifications are generated based on this template.
  • Page 115 Appendix A for objects with the appropriate status), and remove (do not deliver the object to the administrator). SenderNotify=yes – The mode in which the sender is notified about the results of mail processing. To disable the mode set the parameter to no. RecipientNotify=yes –...

  • Page 116: Command Line Keys For The Kavscanner Component

    Kaspersky Anti-Virus for Unix Mail Servers <object_status>RecipientAction=unchanged – The status of the object sent to the recipient with the notification. The statuses are the same as those described for the administrator. <object_status>RecipientAttachReport – Whether or not to attach the whole mail with the object to the notification. To enable the mode set the parameter to yes, to disable –...
  • Page 117 Appendix A Scanning options: –e <option> Change the default scanning option. The following modes can be used as the <option>: Enable/disable scanning of packed files. Enable/disable scanning of archives. Enable/disable scanning of self-extracting archives. Enable/disable scanning of mail banks. Enable/disable scanning of plain text messages. Enable/disable heuristic code analyzer.
  • Page 118 Kaspersky Anti-Virus for Unix Mail Servers <option>: Short/extended format of messages regarding scanning of a simple object. Short/extended format of messages regarding scanning of an archive. Enable/disable output of messages regarding uninfected files to the console. Enable/disable output messages regarding component’s current operation to the console.

  • Page 119: The Kavscanner Component Return Codes

    Appendix A > Check objects to which the path is provided in the file –@ <filelist.lst <filelist.lst>. File processing options: –i0 Only check for viruses. –i1 Clean the infected objects.If cleaning is impossible skip the objects. –i2 Clean the infected objects. If cleaning is impossible and the object is a simple one, delete it.

  • Page 120: Command Line Keys For The Aveserver Component

    Kaspersky Anti-Virus for Unix Mail Servers Unable to load the anti-virus database (the path specified in the configuration file was not found). Anti-virus database corrupted. The date of the anti-virus database is beyond the license key expiration period. The license information is missing or no license key was found at the path specified in the configuration file.

  • Page 121: Command Line Keys For The Smtpscanner Component

    Appendix A System error during aveserver startup. Unable to create a local socket for connection with the process. Unable to create a network socket for connection with the process. An error during the anti-virus database startup. The date of the anti-virus database is beyond the license key expiration period.

  • Page 122: The Smtpscanner Component Return Codes

    Kaspersky Anti-Virus for Unix Mail Servers –c (–C) <file_path> Use alternative configuration file <file_path> ® –V Verify the installation and Kaspersky Anti-Virus SMTP scanner settings of mail traffic scanning A.8. The smtpscanner component return codes The smtpscanner component started successfully. A warning was sent to the qmail mail system stating that the mail message could not be processed immediately and had therefore been placed in the queue.

  • Page 123: Command Line Keys For The Kavupdater Component

    Appendix A –i Output to the console information regarding the ® Kaspersky Anti-Virus mail licenses categorized by user and by mail traffic. –k <file_path> Display on the console the information regarding the key <file_path> Report generation options: –q Do not output messages to the console. A.10.

  • Page 124: The Kavupdater Component Return Codes

    Kaspersky Anti-Virus for Unix Mail Servers A.11. The kavupdater component return codes During its work the kavupdater component can return the following codes: No anti-virus database updating is required. The anti-virus database updated successfully. Failed to update the anti-virus database from all the update servers. The license information is missing or no license key was found at the path specified in the configuration file.
  • Page 125 Appendix A if [ ! -d $TEMP ]; then mkdir -p $TEMP ## tar if [ $suf == gz -o $suf == tgz ] ; then list=`tar -ztf $name` tar -C $TEMP -zxf $name $KAVKAVSCANNER -c $CONF -i3 $TEMP cd $TEMP tar -czf $sname.tgz * for i in $list j=${i##/*/}...

  • Page 126: A Sample Configuration File For The Postfix Mail Program - Master.cf

    Kaspersky Anti-Virus for Unix Mail Servers elif [ $suf == rar ] ; then list=`rar l $name` rar x $name $TEMP $KAVKAVSCANNER -c $CONF -i3 $TEMP cd $TEMP zip $sname.zip -r . echo $SPWD mv $TEMP/$sname.zip $SPWD/$sname.zip.cure rm -rf $TEMP A.13.
  • Page 127 Appendix A Service priv upriv chroo Wakeup Maxpro command (yes) t(yes) (yes) + args (50) Showq unix showq Error unix error Local unix local Virtual unix virtual Lmtp unix lmtp ® ## This line added by Kaspersky Anti-Virus Installer localhost:10025 inet spawn user=filter argv=/opt/kav/bin/smtpscanner...

  • Page 128: Appendix B. Malicious Programs In The Unix Environment

    APPENDIX B. MALICIOUS PROGRAMS IN THE UNIX ENVIRONMENT Viruses are much less common in Unix-system environments than, for example, in the Windows environment because of the features of these platforms. However, Trojan horses and Internet Worms are more widespread Malicious programs spread themselves via networks, sometimes exploiting “loopholes”...

  • Page 129: Trojan Horses

    Appendix B ELF_SNOOPY – A virus that infects executable Unix files. The virus operation algorithm: This finds all the executables on the workstation, renames them changing their extension to .X23 and places them into the directory /E it creates. Then the virus copies its code into the original files and changes their attributes to 777.

  • Page 130: Internet Worms

    Kaspersky Anti-Virus for Unix Mail Servers A typical specimen of Unix-oriented Trojans is TROJ_IRCKILL – a Trojan that consists of a set of software tools used to disconnect users from IRC channels. This set includes four utilities used for attacks: FLOOD, MCB (Multiple Collide BOTs), SUMO BOTs, and FLASH –...
  • Page 131 Appendix B Source of spreading: Via the network as a tgz archive. Operation algorithm: The worm sends a short piece of its code to remote computers using the problem of buffer overflow. After startup of the worm’s main component (the file start.sh) it sequentially downloads other components that detect the addresses of the attacked systems, using the buffer overflow problem.
  • Page 132 Kaspersky Anti-Virus for Unix Mail Servers Worm.Linux.Adm– An internet worm that infects Linux systems. The worm sends a short piece of its code to remote computers, executes it, then downloads the rest of its code and runs it. Source of spreading: Via the network. It spreads its copies (infects remote Linux systems) exploiting a “loophole”...

  • Page 133: Appendix C. Kaspersky Labs Ltd

    APPENDIX C. KASPERSKY LABS LTD. Founded 1997, Kaspersky Labs has become a recognized leader in information security technologies among Russian companies. It produces a wide range of data security software and delivers high-performance, comprehensive solutions to protect all tiers of your networks from viruses, unsolicited and unwanted e-mail messages, and hacker attacks.

  • Page 134: Other Kaspersky Labs Products

    Kaspersky Anti-Virus for Unix Mail Servers The company provides its customer with 24-hour technical support service available in several languages. C.1. Other Kaspersky Labs products ® Kaspersky Anti-Virus Lite This is an optimal choice for even an unskilled user who wants to protect his/her home computer from viruses.
  • Page 135 Appendix A virus database and program modules. A second-generation heuristic analyzer efficiently detects even unknown viruses. Kaspersky Anti-Virus Personal includes many interface enhancements to make it easier than ever to use the program. In addition to real-time protection, on-demand scans, and a mail filter, Kaspersky ®...
  • Page 136 Kaspersky Anti-Virus for Unix Mail Servers ® handheld (PDA) protected from Kaspersky Security for PDA keeps your unauthorized intrusion by encrypting access to the device and the data stored memory cards ® Kaspersky Anti-Virus Business Optimal The package provides a configurable security solution for small and medium-size corporate networks.

  • Page 137: Contact Us

    Appendix A Mail systems, including Microsoft Exchange Server, Lotus Notes/Domino, Sendmail, Postfix, Exim, and Qmail. Data streams transmitted via firewalls. Handhelds (PDAs). ® ® Kaspersky Corporate Suite distribution includes Kaspersky Administration Kit, a unique tool for automated deployment and administration. You are free to choose any of the anti-virus programs according to the operating systems and applications you use.
  • Page 138 Kaspersky Anti-Virus for Unix Mail Servers Corporate Suite The telephone numbers and e-mail address are included Technical Support into the Corporate Suite distribution kit. Anti-virus newvirus@kaspersky.com Laboratory (only for archived new viruses) Sales Department +7 (095) 797-8700 sales@kaspersky.com +7 (095) 948-4331 +7 (095) 948-8350 Marketing +7 (095) 948-5650...

  • Page 139: Appendix D. Index

    APPENDIX D. INDEX Anti-virus database updating..6, 33, 45, License agreement......10 100, 111 License key..8, 26, 73, 74, 78, 100 Distribution kit Mail traffic scanning ....6, 12, 50 Buy offline ........9 Buy online ........10 Quarantine ....6, 58, 68, 108, 113 File system scanning ....

  • Page 140: Appendix E. License Agreement

    APPENDIX E. LICENSE AGREEMENT Standard End User Licence Agreement NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT"), FOR THE LICENCE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY KASPERSKY LAB. ("KASPERSKY LAB"). IF YOU HAVE PURCHASED THIS SOFTWARE VIA INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
  • Page 141 Appendix E usage terms specified on the applicable price list or product packaging that apply to any of such Software products individually. 1.1 Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by more than one user at a time, except as set forth in this Section.
  • Page 142 Kaspersky Anti-Virus for Unix Mail Servers If the number of Client Devices or seats that can connect to the Software can exceed the number of licences you have obtained, then you much have a reasonable mechanism in place to ensure that your use of the Software does not exceed the use limits specified for the licence you have obtained.
  • Page 143 Appendix E (a) Weekly updates of antivirus databases; (b) Free software updates, including version upgrades; (c) Extended technical support via E-mail and hot phone-line provided by Vendor and/or Reseller; (d) Virus detection and curing updates in 24-hours period. 4. Ownership Rights. The Software is protected by copyright laws. Kaspersky Labs and its suppliers own and retain all right, title and interest in and to the Software, including all copyrights, patents, trademarks and other intellectual property rights therein.
  • Page 144 Kaspersky Anti-Virus for Unix Mail Servers Software in a manner for which it was not intended or (c) use the Software other than as permitted under this Agreement; (vi) The warranties and conditions stated in this Agreement are in lieu of all other conditions, warranties or other terms concerning the supply or purported supply of, failure to supply or delay in supplying the Software or the Documentation which might but for this paragraph (v) have effect between the Kaspersky Labs...
  • Page 145 Appendix E 8. The construction and interpretation of this Agreement shall be governed in accordance with the laws of England and Wales. The parties hereby submit to the jurisdiction of the courts of England and Wales save that Kaspersky Labs as claimant shall be entitled to initiate proceedings in any court of competent jurisdiction.

Table of Contents