KASPERSKY ANTI-VIRUS 5.0 - FOR SENDMAIL WITH MILTER API Administrator's Manual


Summary of Contents for KASPERSKY ANTI-VIRUS 5.0 - FOR SENDMAIL WITH MILTER API

  • Page 1 KASPERSKY LAB Kaspersky Anti-Virus® for Sendmail with Milter API ADMINISTRATOR'S MANUAL...
  • Page 2 KASPERSKY ANTI-VIRUS® 5.0 FOR SENDMAIL WITH MILTER API Administrator's manual ©...
  • Page 3: Table Of Contents

    Contents
    CHAPTER 1. KASPERSKY ANTI-VIRUS® FOR SENDMAIL WITH MILTER API (p. 6)
    1.1. Hardware and software system requirements (p. 7)
    1.2. Licensing policies (p. 8)
    1.3. Distribution kit (p. 8)
    1.4. Help desk for registered users (p. 9)
    1.5. Adopted conventions (p. 10)
    CHAPTER 2.
  • Page 4
    5.2. Blocking infected messages (p. 28)
    5.3. Delivering protected messages (p. 30)
    5.4. Sending notifications to senders, recipients, and administrator (p. 30)
    5.5. Filtering e-mail traffic by attachments (p. 33)
    5.6. Updating the anti-virus database and application kernel (p. 34)
    5.7.
  • Page 5
    7.1. License keys management (p. 65)
    7.1.1. Viewing license key information (p. 66)
    7.1.2. License extension (p. 67)
    7.1.3. License key removal (p. 69)
    CHAPTER 8. COMPATIBILITY WITH OTHER KASPERSKY LAB APPLICATIONS (p. 70)
    CHAPTER 9. VERIFYING PROPER OPERATION OF THE ANTI-VIRUS (p. 71)
    CHAPTER 10.
  • Page 6: Chapter 1. Kaspersky Anti-Virus® for Sendmail with Milter API

    CHAPTER 1. KASPERSKY ANTI-VIRUS® FOR SENDMAIL WITH MILTER API
    Kaspersky Anti-Virus® for Sendmail with Milter API provides anti-virus protection for e-mail traffic handled by Sendmail with Milter API running on a Linux/Unix server. Kaspersky Anti-Virus for Sendmail with Milter API running on a mail server will… •...
  • Page 7: Hardware And Software System Requirements

    1.1. Hardware and software system requirements
    For smooth operation of Kaspersky Anti-Virus for Sendmail with Milter API, your mail server must meet the following hardware and software requirements:
    Minimum hardware requirements for program operation: •...
  • Page 8: Licensing Policies

    Software requirements:
    1. One of the following operating systems:
       • Linux RedHat (v. 8 or 9), Linux SuSE (v.8.2, 9.0 or 9.1) or Linux Debian (v. 3.0)
       • FreeBSD, v. 4.9, 4.10 or 5.2.1
       •...
  • Page 9: Help Desk For Registered Users

    • Administrator’s guide
    • License key written on the installation CD or a floppy disk
    • License agreement
    Before you unseal the envelope containing the CD (or floppy disks), be sure to thoroughly review the license agreement.
  • Page 10: Adopted Conventions

    1.5. Adopted conventions
    The text in this document is formatted in accordance with its meaning. The table below lists the conventions adopted for use in the text.
        Style       Purpose
        Bold type   Menu titles, menu items, window titles, parts of dialog boxes, etc.
  • Page 11: Chapter 2. Typical Deployment Scenarios

    CHAPTER 2. TYPICAL DEPLOYMENT SCENARIOS
    Kaspersky Anti-Virus for Sendmail with Milter API can be rolled out using the following methods, depending on the initial configuration of your mail system and specific needs of your organization:
    • on the same server your mail system is on: this scenario is used by default if you have a configured Sendmail system on your server (see section 2.1 on page 12).
  • Page 12 Email traffic forwarded from other servers or from users arrives at Sendmail. The mail system then forwards messages to Kaspersky Anti-Virus through Milter API for anti-virus processing. Kaspersky Anti-Virus scans and handles email messages and, depending on the settings, sends them back through Milter API to the mail system.
  • Page 13: Installing Kaspersky Anti-Virus On A Dedicated Server

    2.2. Installing Kaspersky Anti-Virus on a dedicated server
    If your mail server’s load is consistently high, it is more reasonable to install Kaspersky Anti-Virus on a dedicated server in order to avoid server malfunction, because anti-virus processing of mail traffic consumes considerable server resources.
  • Page 14: Installing Kaspersky Anti-Virus As A Filter (Single Or Additional)

    2.3. Installing Kaspersky Anti-Virus as a filter (single or additional)
    Kaspersky Anti-Virus for Sendmail with Milter API can be installed as either a single filter or together with other filters. If other mail filters have been installed on your system, you should carefully define their sequence based on filter settings.
  • Page 15: Chapter 3. Installation And Uninstallation Of Kaspersky Anti-Virus

    CHAPTER 3. INSTALLATION AND UNINSTALLATION OF KASPERSKY ANTI-VIRUS
    Prior to beginning the installation of Kaspersky Anti-Virus for Sendmail with Milter API, we recommend the following preparations for your system:
    • Make sure that your system meets the hardware and software requirements for installation of the Kaspersky Anti-Virus (please see para.
  • Page 16: Software Installation On A Server Running Freebsd Or Openbsd

    3.2. Software installation on a server running FreeBSD or OpenBSD
    The installation package for Kaspersky Anti-Virus is supplied in a .pkg package for servers running FreeBSD or OpenBSD operating systems.
    In order to start installing Kaspersky Anti-Virus from a .pkg package, enter the following text in the command line:
        pkg_add <package_name>...
  • Page 17 Registering the kavmilterd service with the startup system (depending on your operating system). Searching and automatically editing the Sendmail configuration to integrate it with the anti-virus filter. Prior to making any configuration changes, you must back up the original Sendmail configuration.
  • Page 18: Post-Install Setup

    3.4. Post-install setup
    The installation of Kaspersky Anti-Virus for Sendmail with Milter API involves automatic configuration of the application and mail system. However, you may need to perform some post-installation tasks:
    Install the license key if this was not done during the installation. To install the license key, copy the key file to the special directory defined by the LicensePath parameter and restart the application (for details on restarting the application, see section 6.15 on page 60).
  • Page 19
    /opt/kav/5.0/kavmilter/web – directory containing the kavmilter.wbm remote management module for the Webmin web-interface.
    /var/db/kav/5.0/kavmilter/ – Application directory that includes:
        backup/ – Message backup storage directory.
        bases/ – Directory storing the anti-virus database and kernel modules.
        bases/backup/ –...
  • Page 20: Software Uninstallation On A Server Running Linux

    3.6. Software uninstallation on a server running Linux
    To uninstall Kaspersky Anti-Virus previously installed from a package you should issue the following command:
    In order to remove Kaspersky Anti-Virus if installed from a .rpm package, enter the following text in the command line:
        rpm -e <package_name>...
  • Page 21 Stopping the kavmilter service. From this moment, anti-virus filtration of mail traffic is disabled. Rolling back the registration of the kavmilterd service in the system: in SysV systems, the links to the rc.d must be removed; in BSD-based systems, the links to a script corresponding to this service are removed, in OpenBSD-based systems, the rc.local file should be edited.
  • Page 22: Chapter 4. Recommended Operation Modes

    CHAPTER 4. RECOMMENDED OPERATION MODES In addition to kavmilter.conf, the Kaspersky Anti-Virus for Sendmail with Milter API distribution kit includes four configuration files that provide four protection levels for your mail server: kavmilter-high-security.conf – Application configuration that delivers a high overall protection to your e-mail traffic (see section 4.1 on page 23).
  • Page 23: Top Reliability Mode

    • A backup copy is created for every message that undergoes anti-virus filtering; an information file is created for each of these messages.
    • All infected messages and their objects are subject to anti-virus processing. If disinfection fails, the message or part of it is deleted.
    •...
  • Page 24: Optimal Operation Mode

    4.3. Optimal operation mode
    This mode provides an optimal balance between anti-virus protection level and scan speed:
    • The program scans a bulk e-mail messages as a whole and then, if e-mail is identified as infected, each message object is scanned separately.
  • Page 25
    • Notifications about the actions applied to a message or object are sent only to the recipient. The program does not notify the administrator or the sender.
    • Critical events, information messages, and error messages are logged in the report.
  • Page 26: Chapter 5. Using Kaspersky Anti-Virus For Sendmail With Milter Api

    CHAPTER 5. USING KASPERSKY ANTI-VIRUS FOR SENDMAIL WITH MILTER API The main function of Kaspersky Anti-Virus for Sendmail with Milter API is to secure the mail traffic on your mail server against viruses. However, you can significantly extend the application functionality to better meet the needs of your company by using it for filtering e-mail by attachments, backing up e-mail traffic, etc.
  • Page 27: Blocking Infected Messages

    To implement this task, configure the application as follows:
        [kavmilter.global]
        ScanPolicy=combined
        [kavmilter.engine]
        ScanArchives=yes
        ScanPacked=yes
        ScanCodeanalyzer=yes
        [kavmilter.actions]
        DefaultAction=cure
        [kavmilter.notifications]
        EnableNotifications=on
        NotifyRecipients=infected
        MessageDir=/var/db/kav/5.0/kavmilter/templates/
        MessageSubject="Anti-virus notification message"
        [kavmilter.log]
        LogFacility=syslog
        LogOption=scan.all
        [kavmilter.statistics]
        TrackStatistics=all
        DataFormat=xml
        DataFile=/var/log/kav/5.0/kavmilter/statistics.data
    5.2. Blocking infected messages
    You can block messages using several methods: the administrator can delete an infected message without notifying the recipient beforehand and return an error code to the sender as if it were sent by a mail agent.
  • Page 28 To implement this task, configure the application as follows:
        [kavmilter.global]
        ScanPolicy=combined
        [kavmilter.engine]
        ScanArchives=yes
        ScanPacked=yes
        ScanCodeanalyzer=yes
        [kavmilter.actions]
        DefaultAction=drop
        [kavmilter.notifications]
        EnableNotifications=on
        SendmailPath=/usr/sbin/sendmail
        NotifyAdmin=infected
        AdminAddresses=admin@localhost
        UseCustomTemplates=on
        AdminSubject="Anti-virus notification message"
    Task: Reject infected messages from the sender, return an error code to the sender, and notify the administrator of the actions.
  • Page 29: Delivering Protected Messages

        AdminAddresses=admin@localhost
        UseCustomTemplates=on
        AdminSubject="Anti-virus notification message"
    5.3. Delivering protected messages
    Sometimes an e-mail message cannot be scanned for viruses because it is password protected or encrypted. The administrator must be sure of the user’s ability to disinfect the message if it turns out to be infected.
  • Page 30 Recipient and sender addresses for sending notifications are inherited from the original e-mail message. The administrator addresses must be specified for the AdminAddresses parameter of the [kavmilter.notifications] section. To enable sending notifications, configure the application as follows:
        [kavmilter.notifications]
        EnableNotifications=on
        NotifySender=infected...
  • Page 31
        MessageDir=/var/db/kav/5.0/kavmilter/templates/
        RejectReply="Message rejected because it contains malware"
    Task: Notify the recipient and administrator that the message containing protected objects has skipped anti-virus processing (action for protected objects – skip). To implement this task, configure the application as follows:
        [kavmilter.global]
        ScanPolicy=combined
        [kavmilter.actions]...
  • Page 32: Filtering E-Mail Traffic By Attachments

        FilteredSizeAction=skip
        [kavmilter.notifications]
        EnableNotifications=on
        NotifySender=filtered
        NotifyRecipients=filtered
        NotifyAdmin=filtered
        AdminAddresses=admin@localhost
        MessageDir=/var/db/kav/5.0/kavmilter/templates/
        MessageSubject="Anti-Virus notification message"
        SendmailPath=/usr/sbin/sendmail
        UseCustomTemplates=on
    5.5. Filtering e-mail traffic by attachments
    The application can filter e-mail messages by attachment name, attachment MIME type, and attachment size.
    Task: Deliver messages with attachments whose size is below 500 Kb without additional treatment.
  • Page 33: Updating The Anti-Virus Database And Application Kernel

        [kavmilter.filter]
        IncludeSize=500
        FilteredSizeAction=skip
        IncludeName=loveletter\..*
        FilteredNameAction=delete
        [kavmilter.notifications]
        EnableNotifications=on
        NotifyRecipient=filtered
        NotifyAdmin=all
        AdminAddresses=admin@localhost
        MessageDir=/var/db/kav/5.0/kavmilter/templates/
        MessageSubject="Anti-virus notification message"
        SendmailPath=/usr/sbin/sendmail
        UseCustomTemplates=on
    5.6. Updating the anti-virus database and application kernel
    During the application installation, the cron task of updating the database and application kernel is registered on the server.
  • Page 34 Task: Scan e-mail traffic for viruses and disinfect all infected objects. Delete the objects that cannot be disinfected. Upon every attempt to disinfect or delete a message, create backup copy of it with a full description.
  • Page 35: Chapter 6. Additional Setup

    CHAPTER 6. ADDITIONAL SETUP This section describes in detail additional setup of Kaspersky Anti-Virus functionality. Unlike the settings made during the installation process (please see para. 3.3 on p.17) which are required and essential for product functioning, additional setup is performed at the administrator's discretion. Those settings extend product functionality and allow its adjustment for operation within corporate framework of a specific enterprise.
  • Page 36
    –add-service – Register kavmilter as a service (as SysV or start from rc.local);
    –del-service – Cancel registration of kavmilter as a service and roll back the changes in configuration files;
    –check-service – Check whether kavmilter is registered as a service and was started at operation system startup.
  • Page 37: Installing And Uninstalling The Remote Management Module

    If you are running OpenBSD, the Sendmail default configuration file is localhost.cf. Kaspersky Anti-Virus makes changes to this configuration file. Note that if you work under OpenBSD and run Sendmail using another configuration file (–C option) or run Sendmail using command line options or only –bd option, Sendmail will be started using sendmail.cf as a configuration file.
  • Page 38 Open a Webmin page in your browser window. Select Webmin Configuration and open the Webmin Modules configuration section. In the Install Module section, select installation from a file (from local file) and specify the full path to kavmilter.wbm, the Kaspersky Anti-Virus module for Webmin in the corresponding field.
  • Page 39: Defining An E-Mail Scan Policy

    If you are reinstalling the module, all paths to the main Kaspersky Anti-Virus files and directories listed on the Module Config tab will be saved automatically.
    6.3. Defining an e-mail scan policy
    Using Kaspersky Anti-Virus, the mail server administrator can customize the anti-virus protection of incoming and outgoing e-mail messages by defining scan policies.
  • Page 40: Selecting Objects To Scan

    The heuristic analyzer is a powerful tool for detecting modified malicious code that is similar to a known virus signature, i.e., it recognizes new viruses that are not yet in the database. The use of heuristic technology is defined by the ScanCodeAnalyser parameter in the [kavmilter.engine] section.
  • Page 41: Assigning Actions For Objects

    Error – The message (or part of it) is corrupted and an error occurred while scanning it.
    Protected – The message (or part of it) is protected with a password or other means of protection. Therefore, it was skipped for anti-virus scanning.
  • Page 42: Selecting Objects To Be Filtered And Assigning Actions

    default, the original mail message (for the warn and delete options) or treated message (for cure) is attached to the notification sent to the sender, recipient, and administrator. You can customize the notification messages by editing the corresponding templates (see section 6.11 on page 46).
  • Page 43: Configuring Backup Options

    rename – Rename the attachment using the following rule: the last letter of the attachment extension is replaced with the "_" character. For example, the exe extension will be ex_, com will be co_, etc. This action cannot be applied to the attachments of MIME types.
  • Page 44: Configuring Database And Kernel Module Updates

    • Distribute backup copies in special folders within the storage named as year-month-date.
    • Check the storage size and notify the administrator when it becomes critical.
    • Delete the oldest folders with backup copies.
    For this utility, the following command line options are available:
    –install –...
  • Page 45: Customizing Notifications

    Before updating, the program always creates a backup copy of the database and kernel modules so that you can easily roll back to them if updating fails. The backup storage is defined by the BackUpPath parameter. Thus, you can always roll back to the previous version of the anti-virus database and restore earlier program modules.
  • Page 46 Special notification for the administrator is sent to the administrator in case of emergency, for example, if a critical error occurs during Anti-Virus performance. This kind of notification is also sent by the external mail agent, Sendmail.
  • Page 47: Notification Templates

    The application informs about license expiry or violation of license agreement automatically, no additional setup is required for the notifications; they cannot be disabled by administrators. In order to enable sending of special notifications to administrators about Discard, Fault and Update events, assign a corresponding value to the NotifyAdmin parameters.
  • Page 48 contain a macro describing the reasons for deletion. The following templates are available:
    • message_default_notify – Text sent by default to the recipient, sender, and administrators about the actions applied to the message.
  • Page 49: Customizing Notification Templates

    • Text notifying the administrator about the license expiration date. Notifications are sent three times: a week before the license expiration, in three days, and on the expiration date. The notification text or sending options cannot be customized.
    •...
  • Page 50: Iteration Constructs

    6.11.2.2. Iteration constructs
    An iteration construct (IC) is the main element of the template language. The syntax for an iteration construct is
        <FOR INAME IOP IVALUE>BODY</FOR>
    where:
    <FOR – the beginning of IC definition. The < symbol that is not the beginning of an IC definition should be screened (see section 6.11.2.5 on page 54);...
  • Page 51: Scope Of Visibility For An Iterative Statement

    These condition constructs are parsed sequentially. Thus, iteration constructs are used to distinguish both the single and multiple values of a macro. For example, if the macro %FILTERNAME% has the values of KAVFilter1, KAVFilter2, KAVFilter3, and SimpleFilter, then the construct:
        <FOR FILTERNAME == "KAVFilter1">%FILTERNAME%</FOR>...
  • Page 52: Variables

        <FOR _macro_name_parent_ == "_value_1">%_macro_name_child_%</FOR>
    In the above example, the scope of the macro %_macro_name_parent_% includes all sublevels (between the FOR tags) if the macro value is overridden
    6.11.2.4. Variables
    Variables provide better flexibility in customizing templates using the Template language.
  • Page 53: Language Syntax

        <DEF __NAME__= "NAME_1"/>Now you will see the first value: %__NAME__%.
        <DEF __NAME__= "NAME_2"/>Now you will see the second value: %__NAME__%.
    will be output as:
        Now you will see the first value: NAME_1.
        Now you will see the second value: NAME_2.
    A variable can have a macro as its value.
  • Page 54 Example: <FOR FILTERNAME != "KAVFilter*"> Unlimited length of all possible values. It is used only inside tags in comparison with templates. Example <FOR FILTERNAME == "KAV*"> All possible one-character values. It is used only inside tags in comparison with templates.
  • Page 55: Notification Macros For The Application

    tag. See item 1 above if you want to place a ‘\’ at the end of line.
    • To output the ‘%’ symbol into the template text, use ‘\%’.
    • To output the ‘/’ symbol into the template text, use ‘\/’.
    •...
  • Page 56: Reporting Options

    %INFO% – Information related to the following actions performed:
    • List of detected viruses (malicious software) – for infected objects.
    • Error code description – for objects that generated a scan error.
  • Page 57: Parameters Of Update Report Generation

    notice – Events related to the application business logics.
    info – General information concerning the application functionality.
    debug – Debugging messages.
    all – All the above levels.
    You can combine the information categories and their detail levels. For example, if you want to record all information related to backing up messages, enter the following string into the configuration file:
        LogOption=backup.all...
  • Page 58 The detail level is a number that defines the degree of specialization of information related to components’ operation. Each next level includes data of all previous levels plus some additional information. The report detail levels are listed in the table below. Level name in Levels Value...
  • Page 59: Statistics Parameters

    The format of time and date representation can be changed in the [locale] section of the configuration file.
    STRING – A line of the report.
    6.14. Statistics parameters
    The application saves the following statistics based on performance results:
    E-mail statistics provides general information related to e-mail traffic, including the number of incoming messages scanned by the anti-virus program, the number of protected or corrupted messages, and the overall...
  • Page 60
    • Configuration changes.
    For new changes to take effect, you need to restart Kaspersky Anti-Virus using the kavmilter service script. The configuration file with the most recent changes will be reloaded. To start/stop/restart the application, use the following command line options:
    start –...
  • Page 61: Managing The Application From The Command Line

    The maximum number of restarts induced by watchdog is defined by the WatchdogMaxRetries parameter in the [kavmilter.global] section. To disable this parameter, set it to –1. The usage of the watchdog utility is regulated by the –f command line option.
  • Page 62: Localization Of Displayed Date And Time Format

    stats – Write statistics on application performance to a file defined by the DataFile parameter;
    stop – Stop the application (stop filtering).
    6.17. Localization of displayed date and time format
    While operating, Kaspersky Anti-Virus compiles reports for each of its components as well as various notifications for users and administrators.
  • Page 63
    –report – Enable non-interactive operation mode (the default mode is interactive). If there are any problems requiring assistance from the user, the application will use default values to generate the report.
    –check – Automatically check application operation, configuration, and related issues that may cause problems with Anti-Virus functionality.
  • Page 64: Chapter 7. Using Licenses

    CHAPTER 7. USING LICENSES The license for Kaspersky Anti-Virus is issued for a certain period (as a rule, it is one year from the purchase date) and is limited by either the daily mail traffic processed by the application or the number of protected email addresses. In the latter case, the application scans email traffic for the domains specified in the application configuration file and for the servers on which the application is installed.
  • Page 65: Viewing License Key Information

    If your license is issued for the specified numbers of mail addresses, it will extend to all addresses of the domains listed in the application configuration file (LicensedUsersDomains parameter) and to all addresses of the server on which Kaspersky Anti-Virus is installed (the server addresses do not belong to the domain).
  • Page 66: License Extension

        Type: Commercial
        Expiration date: 17-11-2003, expires in 60 days
        Serial: 02B1-000454-00053BC
        Additional key info:
        Product name: Kaspersky Anti-Virus 5 Business Optimal 1 month
        Key file 00053E3D.key
        Type: Commercial
        Expiration date: expired
        Serial: 02B1-000454-00053E3
    In order to review information about an installed license key: enter, for example, the following text in the command line:
        #./licensemanager -k 00053E3D.key...
  • Page 67 In order to extend your license to use Kaspersky Anti-Virus for Sendmail with Milter API, you will need to: contact the company where you purchased the software and obtain an extension for your license to use Kaspersky Anti-Virus. extend the license duration directly through Kaspersky Lab by sending a message to the Sales Department (sales@kaspersky.com) or fill out an appropriate...
  • Page 68: License Key Removal

    7.1.3. License key removal
    In order to remove your active key, enter, for example, the following text in the command line:
        #./licensemanager –da
    The following information will be output to the server console: Kaspersky license manager.
  • Page 69: Chapter 8. Compatibility With Other Kaspersky Lab Applications

    CHAPTER 8. COMPATIBILITY WITH OTHER KASPERSKY LAB APPLICATIONS Kaspersky Anti-Virus 5.0 for Sendmail with Milter API does not cause any compatibility problems when running concurrently with the following Kaspersky Lab applications for Unix/Linux platforms: • Kaspersky Anti-Virus 5.0.1-0 for Samba Servers installed under Linux SuSE 9.0.
  • Page 70: Chapter 9. Verifying Proper Operation Of The Anti-Virus

    CHAPTER 9. VERIFYING PROPER OPERATION OF THE ANTI-VIRUS
    When the installation and setup of Kaspersky Anti-Virus are complete, we recommend checking the settings and correct operation of the program using a test "virus" and modifications thereof. The test "virus" has been specifically developed by (The European Institute for Computer Antivirus Research) for verifying the operation of anti-virus products.
  • Page 71 Table 1. Test "virus" modifications
        Prefix                              Object type
        No prefix, standard test "virus"    Infected. The object is not cured.
        CORR–                               Corrupted.
        SUSP–                               Suspicious (unknown virus code).
        WARN–                               Warning (modified code of a known virus).
        ERRO–                               Error.
  • Page 72: Chapter 10. Frequently Asked Questions

    CHAPTER 10. FREQUENTLY ASKED QUESTIONS
    This chapter is devoted to the most frequently asked questions users have pertaining to the installation, setup, and operation of the Kaspersky Anti-Virus; here we shall try to answer them in detail.
    Question: why does Kaspersky Anti-Virus cause a certain decrease of server performance noticeably loading the CPU?
    Virus detection is a purely computational (mathematical) problem connected with structural analysis, checksum calculation and mathematical...
  • Page 73 Question: what happens when a license to use the product expires?
    When your license to use Kaspersky Anti-Virus expires the software will continue operation, however, you will have no access to anti-virus database updates. The anti-virus software will cure infected objects, but it will use its old databases only.
  • Page 74
    • your license key.
    Any of the following must be mentioned in your message:
    • a SCSI controller;
    • a very old or a new CPU or a multiprocessor configuration;
    • Less than 64 MB or more than 2 GB of RAM.
    Please indicate approximate amount of daily traffic and whether you have peak loads.
  • Page 75 tion scripts may have a non-standard location. In such cases, Kaspersky Lab Technical Support will be unable to help you.
    Question: how do I decompress a .tgz or .tar.gz archive?
    Archives belonging to .tgz or .tar.gz types are decompressed using the following command:
        tar zxvf <archive_name>...
  • Page 76: Appendix A. Additional Information

    APPENDIX A. ADDITIONAL INFORMATION A.1. Application configuration file This appendix provides detailed explanation of every section of the kavmilter.conf file that is the default configuration file for Kaspersky Anti-Virus for Sendmail with Milter API on your server. The default values given here are recommended by Kaspersky Lab experts. The [kavmilter.global] section contains general parameters required for application startup and operation: RunAsUid=kav –...
  • Page 77 Appendix A AddXHeaders=yes –Adds a header with application information to a filtered email message. AddDisclaimer=no – Add a disclaimer text to each processed or generated message. You can customize this text by editing message_disclaimer template. The disclaimed text is added as a text part at the end of mes- sage, and does not affect or change the content of the original mes- sage.
  • Page 78 ® Kaspersky Anti-Virus for Sendmail with Milter API delete – Delete the protected object from the message and attach the corresponding notification. ErrorAction=skip – Apply the selected action to the corrupted object in a message that could not be scanned because of an error. Select one of the following options: warn –...
  • Page 79 error – Messages that cannot be scanned due to an error. all – All the above types of messages. BackupDir=/var/db/kav/5.0/kavmilter/backup – Directory storing backup copies of messages. The [kavmilter.filter] section defines rules for message filtering: IncludeMime – MIME type of message attachments to be filtered. ExcludeMime –...
  • Page 80 drop – Accept the message but do not deliver it to the recipient. reject – Reject the message and return an error code to the sender. The [kavmilter.notifications] section contains standard notification options: EnableNotifications=yes –...
  • Page 81 UseCustomTemplates=off – Enable using custom templates for generating notifications. To enable the mode, set the parameter to on. SenderSubject – Subject of the sender notification. ReceiverSubject – Subject of the recipient notification. AdminSubject – Subject of the administrator notification. The [kavmilter.log] section includes reporting options: LogFacility=syslog –...
  • Page 82 RotateRounds=10 – Number of report files created during rotation. When this number is reached, the application starts to overwrite the oldest one. The [kavmilter.statistics] section includes statistics options: TrackStatistics=none – Enable recording the following statistics: none –...
  • Page 83: Error Return Codes

    AVBasesTestPath=/opt/kav/5.0/kavmilter/bin/avbasestest – Full path to the avbasestest utility used to check the anti-virus database integrity. If updates are not corrupted, they are copied from the temporary folder to the directory storing the anti-virus database. The [updater.options] section contains parameters that define the paths to critical directories used for updating.
  • Page 84 3 – not enough privileges to change uid; 4 – not enough privileges to change gid; 5 – cannot spawn filter child; 6 – maximum number of retries for restarting application exceeded; 7 –...
  • Page 85: Appendix B. Malware In Unix Environment

    APPENDIX B. MALWARE IN UNIX ENVIRONMENT Viruses are much less frequent in Unix systems than, for example, under Windows, due to some peculiarities of those platforms. Trojan horses and network worms are less rare. Malicious programs spread through networks using various methods, including software "holes".
  • Page 86: Trojan Software

    files and changes their attributes to 777. At the same time it creates user snoopy with the rights 777 as well in the main password list of the infected workstation. Linux.Bliss is a group of non-resident viruses that infect Linux executables; these viruses are written in GNU C and have ELF format.
  • Page 87: Network Worms

    utilities: FLOOD, MCB (Multiple Collide BOTs), SUMO BOTs, and FLASH – a special "flood" type for use in UNIX. The FLASH attack type is used for direct modem disconnection by sending a ping command with "incorrect" data in a certain sequence to a certain IP address.
  • Page 88 Activity algorithm: using the buffer overrun problem, the worm sends a short portion of its code to a remote computer. When the main worm component (start.sh file) starts, it opens a connection that successively downloads other components;...
  • Page 89 Worm.Linux.Adm is an Internet worm that infects Linux systems. The worm sends a small portion of its code to remote computers, runs it there, downloads its main portion, and executes it. Infection source: via networks; the worm spreads by sending its copies (infecting remote Linux systems) using a hole in Linux protection (the so-called "buffer overrun"...
  • Page 90: Appendix C. Kaspersky Lab

    APPENDIX C. KASPERSKY LAB Kaspersky Lab Ltd. was founded in 1997. Now it is the best known Russian developer of a wide range of software products for data security, producing systems for protection from viruses, unsolicited e-mail (spam) and hacker attacks.
  • Page 91: Other Kaspersky Lab Products

    C.1. Other Kaspersky Lab products Kaspersky Anti-Virus® Personal Kaspersky Anti-Virus Personal provides anti-virus protection for home computers running Windows 98/ME, Windows 2000/NT, and Windows XP from all known virus types including Trojan software, Internet worms, script viruses, dangerous ActiveX and Java applets, etc.
  • Page 92 Kaspersky Anti-Hacker monitors network activity through the TCP/IP protocol for all applications installed on your computer. If suspicious actions of some application are detected, the program will notify you thereof and, if necessary, block network access for that application.
  • Page 93 • file servers running Windows Server, Windows 2000 Server/Advanced Server, Novell Netware, FreeBSD and OpenBSD, Linux; • Microsoft Exchange 5.5/2000/2003, Lotus Notes/Domino, Postfix, Exim, Sendmail and Qmail mail gateways. Kaspersky Anti-Virus Business Optimal also includes a system for centralized deployment and management, Kaspersky Administration Kit.
  • Page 94: Our Contact Information

    collection of services, which allow identification and deletion of up to 95% of unwanted traffic. Kaspersky Anti-Spam is a filter installed on the "entry" to the corporate network, and it scans the incoming mail for spam. The software is compatible with any e-mail system installed on the customer’s network and it can be installed either on an existing mail server or on a specifically dedicated one.
  • Page 95: Appendix D. License Agreement

    APPENDIX D. LICENSE AGREEMENT Standard End User Licence Agreement NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT") FOR THE LICENCE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY KASPERSKY LABS. ("KASPERSKY LABS"). IF YOU HAVE PURCHASED THIS SOFTWARE VIA THE INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE LEGAL ENTITY) CONSENT TO BE BOUND BY AND BECOME PARTY TO THIS AGREEMENT.
  • Page 96 usage terms specified on the applicable price list or product packaging that apply to any such Software products individually. 1.1 Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by more than one user at a time, except as set forth in this Section.
  • Page 97 "multiplexing" or "pooling" software or hardware) does not reduce the number of licences required (i.e., the required number of licences would equal the number of distinct inputs to the multiplexing or pooling software or hardware "front end"). If the number of Client Devices or seats that can connect to the Software exceeds the number of licences you have obtained, then you must have a reasonable mechanism in place to ensure that your use of the Software does not exceed the use limits specified for the licence you have obtained.
  • Page 98 and you explicitly consent to the transfer of data to other countries outside your own as set out in the Privacy Policy. (iv) "Support Services" means (a) Daily updates of the anti-virus database; (b) Free software updates, including version upgrades;...
  • Page 99 warranty period. You shall provide all information as may be reasonably necessary to assist the Supplier in resolving the defective item; (v) The warranty in (i) shall not apply if you (a) make or cause to be made any modifications to this Software without the consent of Kaspersky Lab, (b) use the Software in a manner for which it was not intended or (c) use the Software other than as permitted under this Agreement;...
  • Page 100 (iii) Subject to paragraph (i), the liability of Kaspersky Lab (whether in contract, tort, restitution or otherwise) arising out of or in connection with the supply of the Software shall in no circumstances exceed a sum equal to the amount equally paid by you for the Software.

This manual is also suitable for:

Anti-virus 5.0 - for samba servers
