ESET NOD32 ANTIVIRUS - FOR LINUX MAIL SERVERS Installationshandbuch

NOD32 for Linux/BSD Mail ServerInstallation Manualand User’s documentationw e p r o t e c t d i g i t a l w o r l d s

10e-mail header | From: . | To: -------------------------- e-mail body | text of e-mail body . | . | content of lms_sig_header_infect

Chapter 4:Integration with E-mail Messaging System4 Integration with E-mail Messaging System

12This chapter describes integration of the NOD32LMS/NOD32BMS with the variety of known email messaging systems. Knowledge of e-mail messaging system

134.1. Scanning of inbound e-mail messagesScanning of the inbound e-mail messages is performed during the messages transfer between MTA and

14conguration will be broken as the new version of MDA will cancel the link to nod32mda module.4.1.2. Setting of NOD32MDA (in MTA) as MDAThis section

15not a full-blown MDA, it is rather a wrapper; the ‘mda_path‘ parameter in this case has the following format:mda_path=“/usr/lib/sm.bin/sensible-md

16recipient user to nod32mda module using its command line interface. Note that in case you would like to pass any command line parameter to the whole

17nod32mda module rst. Still there remains to provide that all messages processed by nod32mda will be passed back to QMail’s program for further mess

18condition=“${ifeq{$received_protocol}{virus-scanned}{0}{1}}“ transport = nod32_transport verify = falseNote that above entry has to be placed a

19parameter has to be dened as follows:command=/opt/eset/nod32/bin/nod32mda-oMrvirus-scanned$local_part@$domain\ ----user$local_part4.1.2.5.

2Table of contents1. Introduction ... 32. Installation ...

20/etc/init.d/nod32d reloadTo accomplish the whole procedure, one has to restart the MTA Exim.Note that NOD32LMS/NOD32BMS provides you with the opti

21case you use ipchains (resp. iptables) tool for network ltering an appropriate rules will be as follows.Kernel 2.2.X:ipchains-IINPUT-ptcp-s19

224.3. Content Filtering in MTAContent ltering method is in the present a well known method used to screen and/or exclude certain dened information

234.3.2. Content ltering in MTA SendmailThe nod32sm module is a third-party program with the purpose to serve as a content lter for MTA Sendmail. U

24and place it as a rst in the DIRECTORS CONFIGURATION section and you have to dene special ROUTERS CONFIGURATION entry:#ROUTERSC

25user to nod32mda agent, the parameter ‘command‘ dened in TRANSPORTS CONFIGURATION entry must by as follows:command=/usr/bin/nod32mda-oMrvirus-s

26NOD32 conguration le. In case the absolute path to the exim is ‘/usr/sbin/exim‘ the parameter ‘mda_path‘ will be as follows:mda_path=“/usr/sbin/

27To accomplish the whole procedure, one has to restart the MTA Qmail.4.4. Alternative methods of content lteringAlthough mechanisms described in pre

28@virusname=($output=~/virus=“([^“]+)“/g); do_virus(); }else{ do_log(0,“Virusscannerfailure:$nod32cli(errorcode:$errval)“); } }No

29###http://www.eset.com/ [’ESETSoftwareNOD32CommandLineInterfacev2.52’, ’/opt/eset/nod32/bin/nod32cli’,’--subdir{}’, [0],[1,2],qr/virus=“

Chapter 1:Introduction1 Introduction

NOD32 for Linux/BSD Mail Server

Chapter 5:Important NOD32LMS/NOD32BMS Mechanisms5 Important NOD32LMS/NOD32BMS Mechanisms

325.1. User Specic CongurationUser Specic Conguration mechanism is implemented in the product in order to provide user with enhanced congura

335.2. Handle Object PolicyThe Handle Object Policy (see gure 5-1) is a mechanism that provides handling of the scanned objects depending on their sc

34server_addr = “localhost“ server_port=2525In the following we provide the [smtp] section with the reference to special conguration le ’nod32smtp

35accepted without scanning.Please, note the character ’|’ placed in front of the header name of the special section in case of sender address and not

NOD32 for Linux/BSD Mail Server

Chapter 6:NOD32 System Update and Maintenance6 NOD32 System Update and Maintenance

386.1. Basic concept of NOD32 system updateIn order to keep the anti-virus system eective, it is necessary to keep NOD32 virus signatures databse up

39module (nod32.005) and ThreatSense.NET support module (nod32.006) in the directory:/var/lib/nod32resp. in RedHat Ready and Novell (SuSE) Ready varia

4Dear user, you have acquired NOD32 for Linux/BSD Mail Server - NOD32LMS/NOD32BMS - probably the best anti-virus system running under the Linux/BSD OS

NOD32 for Linux/BSD Mail Server

Chapter 7:Tips and Tricks7 Tips and Tricks

42This chapter is devoted to describe tips and tricks concerned with conguration of NOD32LMS/NOD32BMS. This means it describes conguration of NOD32L

43data encryption in communication between local MTA and Internet and still use the ’content ltering’ methods. In MTA Sendmail content ltering there

NOD32 for Linux/BSD Mail Server

Chapter 8:Let us know 8 Let us know

46Dear user, this guide should have given you a good knowledge about the product installation, conguration and maintenance. However, writing a docume

Chapter 2:Installation2 Installation

6This product is distributed as a binary le. Its format for Linux OS is:nod32ls.i386.ext.binwhere ’ext’ is a Linux OS distribution dependent sux, i.

Chapter 3:Product’s Roadmap3 Product’s Roadmap

8Once the product package has been successfully installed, it is time to become familiar with its content.The structure of the NOD32LMS/NOD32BMS is sh

9/etc/nod32Note that in case of RedHat Ready and Novell (SuSE) Ready variation of the NOD32 for Linux Mail Server the conguration and authoriz