ESET MAIL SECURITY, Installation Manual

Page: 17 / 42

17
The email server receives data communication using SMTP (Simple Mail Transfer Protocol)
communication. The received message is transferred by MTA either to another remote email
messaging system or is delivered using local MDA into a particular MAILBOX. In most cases, each
local network user owns a MAILBOX located on the server. Note that it is the responsibility of the
user’s local MUA to provide the function of downloading and correctly interpreting the message
at the user’s computer. When retrieving data from MAILBOX, the MUA typically uses POP3 (Post
Office Protocol) or IMAP (Internet Message Access Protocol) to communicate with the MTA. The
SMTP protocol is used to send data to the Internet.
The ESETS operating principle is based on data communication interception and scanning at
the various phases of its transfer. The interception locations are marked in figure 5-1 by symbols
S1, S2, S3 and S4.
S1 - Bi-directional email message scanning, such as content filtering in MTA.
S2 - Scanning of inbound email messages, such as messages with a target address which is
located inside the local domain.
S3 - Scanning of outbound email messages, such as messages bound to a remote Internet
domain.
S4 - Scanning of email messages being downloaded from POP3/IMAP server.
The remainder of this chapter reviews methods for integrating ESETS with a variety of
supported messaging systems.
5.1. Bi-directional email message scanning in MTA
Bi-directional email message scanning mode allows the user to scan inbound email messages
as well as outbound, using the same implementation algorithm. The bi-directional content filter
method is MTA dependent. ESET Mail Security comes with four content filters that are built for
the most common MTA programs, such as MTA Sendmail, Postfix, Exim, QMail and ZMailer.
Check that your MTA is properly configured and running. Then, configure ESET Mail Security
for bi-directional email message scanning by running the following script:
/usr/sbin/esets_setup
Select MTA and content filter install options. The ESETS module being used is also displayed.
Note that the installer backs up all modified configuration files and can display every
command that it will execute after your approval. It can also be used for uninstalling. Detailed
steps for all possible scenarios are described in appendix A of this documentation.
5.2. Scanning of inbound email messages
Inbound email message scanning is performed during message transfer between MTA and
MDA. Incoming emails are intercepted by the
esets_mda
module, scanned by the ESETS daemon
and delivered to MAILBOX using the original MDA. As shown in figure 5-1, virus scanning can
be enabled by setting the proper configuration of MTA and the
esets_mda
module. ESET Mail
Security supports most common MTA programs, such as MTA Sendmail, Postfix, Exim, QMail
chapter 5 Integration with Email messaging system