Using Unix Socket For An Extra Security - AVG Linux E-mail Server User Manual

AVG Linux Email Server / User Manual

5.3. Using Unix Socket for an Extra Security

You can take advantage of launching the AVG Anti-Virus e-mail scanning daemon
within the same account as the e-mail content scanner (AMaViS or Qmail-
Scanner). Moreover, the e-mail scanning daemon can create a Unix socket and
listen on it then in order to increase the e-mail scanning security. The socket is
created and also destroyed by the daemon automatically with the proper access
rights and ownership (e. g. amavis when the daemon is running under the amavis
account).
To enable the using of the socket, follow these steps (you must be logged in as
root):
Uncomment the line with the unixSocketName parameter in the
/ect/avg.conf AVG for Linux E-mail Server configuration file. You can also
change the parameter value if necessary (the default value is
/tmp/avg.sock). See chapter
on the configuration file.
In the /opt/grisoft/avg7/etc/init.d/avgdinit.conf file, change the SUSER
parameter value to the name of the user who is supposed to run the e-mail
scanning AVG Anti-Virus daemon (for example amavis).
Finally, you must change the configuration file of the respective e-mail content
scanner (AMaViS or Qmail-Scanner). For example, in the case of the
preferred amavisd-new scanner the AVG Anti-Virus related section of the
/etc/amavisd.conf file should look like as follows:
['AVG Anti-Virus', \&ask_daemon, ["SCAN {}\n", '/tmp/avg.sock'], qr/^200/,
qr/^403/, qr/^403 .*?: (.+)/ ]
Note: The on-access scanning must be running under the root account. So if you
change the user who is running the daemons in the /etc/init.d/avgd file, you will
disable the on-access scanning! You have to resolve the trade-off between the on-
access scanning and increased e-mail scanning security.
Copyright (c) 1992-2006 GRISOFT, s.r.o. All rights reserved.
8. Configuration File for detailed information
20
www.grisoft.com