background image

Appendix

Avira GmbH

Avira AntiVir MailGate

64

9

Appendix

9.1

Glossary

Term

Meaning

cron (daemon)

A daemon which starts other programs at specified times.

Daemon

A background process for administration on UNIX systems. On 
average, there are about a dozen daemons running on a computer. 
These processes usually start up and shut down with the computer.

Demo version

Without a license file, Avira AntiVir MailGate runs as a demo version. 
An Avira banner is inserted in every email. The automatic update 
function is not available, so you will have to download new virus 
definitions and scan engine versions manually from our website.

Eicar

The European Institute for Computer Antivirus Research offers a test 
virus for testing antivirus programs. More details at:
http://www.eicar.org

Logfile

also: Report file. A file containing reports generated by the program 
during run-time when a certain event occurs.

Malware

Generic term for "foreign bodies" of any type. These can be 
interferences such as viruses or other software, which the user 
generally considers as unwanted (see also Unwanted Programs).

MIME

Multipurpose Internet Mail Extensions: Internet extensions for 
integrating binary files in Internet emails. MIME supports so-called 
multipart emails, to allow various file types in an email or binary 
attachments and HTML emails.

MTA

Mail Transfer Agent: a program that sends emails via SMTP. For 
example, Sendmail, Postfix, Exim.

Quarantine directory

The directory where infected files are stored to block the user’s access 
to them. (for example, 

rejected

)

root

The user with unlimited access rights (such as system administrator on 
Windows) 

Scan engine

AntiVir software module, which controls the search for viruses and 
unwanted programs.

SAVAPI

Secure AntiVirus Application Programming Interface

Script

A text file containing commands to be executed in UNIX (similar to 
batch files in DOS).

SMTP

Simple Mail Transfer Protocol: protocol for email communication on 
the Internet.

Содержание AntiVir MailGate

Страница 1: ...Avira AntiVir MailGate MailGate Suite www avira com User Manual...

Страница 2: ...on the MTA 20 4 6 Testing AntiVir MailGate after Installation 25 5 Configuration 26 5 1 MailGate Spool Directories 27 5 2 MailGate Configuration in avmailgate conf 28 5 3 Spam Filter Configuration Av...

Страница 3: ...and Symbols Page 4 Abbreviations Page 5 1 1 Introduction We have included in this manual all the information you need on Avira AntiVir MailGate and it will guide you step by step through installation...

Страница 4: ...r optimum settings of Avira AntiVir MailGate components on your system 6 Operation Commands and parameters for running the Scannerandthequeuemanager reactionswhen viruses and unwanted programs are det...

Страница 5: ...r lib AntiVir User entries Choose component Select all Elements of the software interface such as menu items window titles and buttons in dialog windows http www avira com URLs Signs and Symbols Page...

Страница 6: ...s the alternative operating systems are increasingly targeted by virus programmers Therefore virus protection on UNIX will still be needed in the future This is why we have developed Avira AntiVir Mai...

Страница 7: ...igurable spam filter available in Avira MailGate Suite scanning of mailboxes isolation of suspicious and infected files configurable notification functions for the administrator and for the email send...

Страница 8: ...un as an independent server using port 25 SMTP or it can be started by the Internet superdaemons inetd or xinetd Scanner and Forwarder daemon The forwarder daemon reads the emails stored in the spool...

Страница 9: ...on the number of users in the network who are to be protected by Avira AntiVir MailGate The license is contained in a license file named hbedv key You will receive it by email from Avira GmbH It cont...

Страница 10: ...U 32 bit or 64 bit UNIX Running AntiVir software on 64 bit UNIX systems requires the ability to execute 32 bit binaries For instructions about checking and eventually enabling this behavior please ref...

Страница 11: ...unix local path to file Example unix path to file local path to file If necessary the ForwardTo entry has to be set to the Sendmail binary If the default value is correct the option has to remain unc...

Страница 12: ...and outgoing emails Reliable on access detection of viruses and malware Configurable reaction when viruses or malware are detected Isolation of infected or suspicious files in a quarantine directory...

Страница 13: ...while sending information to filter R timeout while reading an answer from filter E timeout between sending the End of message and the response from the filter Generate sendmail cf X Insert the corres...

Страница 14: ...grate the program with another MTA or for example with Lotus Domino you can find further information in the related files INSTALL sendmail INSTALL exim INSTALL qmail INSTALL postfix etc This Chapter c...

Страница 15: ...e prof version will be created in the temporary directory 4 2 Licensing You need a license to run AntiVir MailGate see Licensing Concept Page 9 The license file hbedv key is delivered by email It cont...

Страница 16: ...talls Avira Updater z optional installs the GUI support for Avira SMC Security Management Center Preparing installation 3 The program files have been downloaded from the Internet and unpacked X Login...

Страница 17: ...update copying Enter the path to your key file 2 Configuring updates An internet updater is available with version 3 1 2 1 of AVIRA MailGate UNIX It will ensure that you always have the latest virus s...

Страница 18: ...want to install the SMC plugin or n and Enter to skip it The following message appears when the script is finished X Depending on your MTA proceed with the installation as described in Further Install...

Страница 19: ...The steps are the same in all cases X Open the directory where you unpacked AntiVir MailGate For example cd tmp antivir mailgate prof version X Type install The installation script runs as described a...

Страница 20: ...ove the cronjobs you made for MailGate and Scanner X Answer the questions with y or n and press Enter Avira AntiVir MailGate is removed from your system 4 5 Further Installation Steps Depending on the...

Страница 21: ...and add the following entries Router for AntiVir MailGate antivir_mailgate debug_print R AntiVir MailGate for local_part domain driver manualroute transport antivir_mailgate_transport route_list loca...

Страница 22: ...in sendmail usr sbin sendmail X Establish the email forwarding mode Refer to the file etc avmailgate conf for the following line Select how mail should be forwarded X Change these entries as below Sen...

Страница 23: ...2 1 X Edit the lines as follows usr bin tcpserver D R v p x etc tcprules d qmail smtp cdb u QMAILDUID g NOFILESGID 0 smtp backdoor var qmail bin qmail smtpd 2 1 Configuring Postfix There are two ways...

Страница 24: ...avmailgate restart X Add the following entry in etc postfix master cf service type private unpriv chroot wakeup maxproc command args yes yes yes never 50 smtp inet n n smtpd For AntiVir Mail daemon l...

Страница 25: ...ing AntiVir MailGate it is recommended thatyou test its functionality To do this you can use a test virus called Eicar which is recognized by all virus scanners This will not cause any damage but it w...

Страница 26: ...are provided with default values which are suitable for most set ups Some entries are deactivated or commented out using and they can be activated by deleting the sign Starting with MailGate 3 0 0 unk...

Страница 27: ...anned z outgoing scanned emails that can be forwarded z rejected emails containing a virus unwanted program or classified as problematic due to a MIME error for example Spool files In these directorie...

Страница 28: ...ing to your preferences X Restart MailGate to activate the new settings usr lib AntiVir avmailgate restart The entries in avmailgate conf are described below in thematic groups These entries only infl...

Страница 29: ...y This directory contains temporary files such as attachments currently being scanned for viruses or unwanted programs Sufficient space is required for unpacked attachments If not set the TMPDIR envir...

Страница 30: ...and if set in the logfile Possible values 0 disabled 5 all messages DebugLevel 0 Listen Address IP address The address and the port on which the SMTP daemon listens AntiVir MailGate listens on all ne...

Страница 31: ...l incoming emails This default setting should not be changed RefuseEmptyMailFrom NO RFC2821 RFC821 and RFC2505 recommend that all emails even without the sender s address should be accepted by an SMTP...

Страница 32: ...eter AcceptLooseDomainName also allows incorrect domain names If the setting is NO and the domain name for message delivery is not correct depending on source routing the message is rejected If the se...

Страница 33: ...he email is not scanned If the recipient address is virus firm the email is not scanned In this case the R flag is optional virus firm R is equal to virus firm When starting AntiVir MailGate maillog w...

Страница 34: ...meout Defines the maximum timeout in seconds for receiving a reply to the final dot of the DATA command and QUIT command after sending the message not in milter mode SMTPDataPeriodTimeout 600 Max Forw...

Страница 35: ...activated YES this option blocks mails containing an archive which is part of a multivolume archive BlockPartialArchive NO Block Extensions Blocking emails with certain extensions You can configure M...

Страница 36: ...email body If the setting is NO the email contains no additional information default AddStatusInBody NO If the setting is YES z If a file named body state exists in the template subdirectory of the p...

Страница 37: ...given value in bytes are unpacked and scanned e g 2KB 2 Kilobytes 3MB 3 Megabytes ArchiveMaxSize 0 ArchiveMax Ratio Blocking mail bombs Blocks so called mail bombs with a very high compression ratio Y...

Страница 38: ...euristics for macroviruses in documents HeuristicsMacro yes Heuristics Level Win32 Heuristics Sets the detection level of Win32 Heuristics Available values are 0 off 1 low 2 medium and 3 high Heuristi...

Страница 39: ...e to retry forwarding an email not in milter mode The value can be given in seconds minutes hours or days see above ForwarderRetryDelay 30m Throttle Message Count This option is necessary if too many...

Страница 40: ...eader 0 AddXHeader Adding X header not in milter mode If the setting is YES the queue ID and information on scan status will be included in the header of the email For example X AntiVirus checked by A...

Страница 41: ...ile usr lib AntiVir gui cert cacert pem GuiCertFile usr lib AntiVir gui cert server pem GuiCertPass antivir_default GuiRandFile path to file If these parameters are missing or not valid the GUI is not...

Страница 42: ...erous IFrameAction Performs the set action when detecting a dangerous iframe DangerousIFrameAction TAG Dangerous Alert Action Performs the set action when the spam filter classifies emails as dangerou...

Страница 43: ...tag it tag_dangerous_alert If the mail contains a dangerous alert tag it tag_dangerous_iframe If the mail contains a dangerous iframe tag it Example of etc asmailgate except spam somewhere tld i black...

Страница 44: ...switch the GTUBE detection on set this option to YES and restart Avira MailGate SpamFilterDetectGTUBE NO SpamFilter Startup Timeout This option specifies how long should Avira MailGate wait for the e...

Страница 45: ...t system value is lower than the default OpenMax 1024 DBSupport If this option is enabled MailGate writes statistics into a database The database consists in two tables alerts logs information about e...

Страница 46: ...g any changes If the socket file exists delete it and only change the owner group of the directory In etc avmailgate conf Change the option User Group Change the owner group of the directory and its s...

Страница 47: ...tial malicious code Default ReportLevel 0 ScanTemp The directory used by the scanner to store temporary files such as unpacked archives or locked files Default ScanTemp var tmp LogFileName Path to the...

Страница 48: ...n Optionally you can use another file to set the warning messages etc avmailgate warn Beside avmailgate conf this file controls the alert emails sent to the recipient sender and postmaster A command f...

Страница 49: ...e text of the email Keywords The files alert and patho may contain the following keywords which are replaced by the appropriate text Keyword Text SENDER The email address of the infected email sender...

Страница 50: ...RM Your email SUBJECT AntiVir ALARM AntiVir has discovered the following in the email sent from your address ALERTS This email has not been sent but isolated on your server Please scan your system imm...

Страница 51: ...servers internet srvs http dl1 pro antivir de http dl2 pro antivir de http dl3 pro antivir de master file Specifies the master idx file master file idx master idx install dir Specifies the installati...

Страница 52: ...s log messages log var log avupdate log log append By default the logfile is overwritten You can use this option to append the logfile log append Integration into Avira Security Management Center SMC...

Страница 53: ...lGate as described in Installation Page 14 the program is automatically started and stopped by the system However you may need to start and stop AntiVir MailGate manually Any changes in configuration...

Страница 54: ...pe usr lib AntiVir avmailgate restart The program restarts after showing the following message Checking AntiVir MailGate status X Type usr lib AntiVir avmailgate status The program shows information o...

Страница 55: ...stop and status too A acl file Defines an alternative acl file instead of the default etc avmailgate acl i The SMTP daemon runs in inetd mode with SMTP conversation via stdin and stdout For more info...

Страница 56: ...ails in the queue is displayed In the first row you will see the name of the displayed queue For example Queue rejected At the end of the list you will see the number of emails in the queue 5 mails in...

Страница 57: ...X Find out the ID of the email AntiVir MailGate indicates the ID of the email in its logs and in the email sent to the postmaster You can apply the following parameters to the outcome Parameter Descri...

Страница 58: ...MailGate indicates the ID of the infected email in its logs and in the email sent to the postmaster X Type the command where ID is the ID of the infected email usr lib AntiVir avmailgate bin avq deli...

Страница 59: ...s postmaster can send alerts to senders and or recipients of infected emails z According to the avmailgate conf settings infected files can be further processed by external programs or scripts These p...

Страница 60: ...ts X Use the command usr lib AntiVir avupdate product product As product you can use Scanner recommended to update the scanner engine and vdf files MailGate complete update MailGate scanner engine and...

Страница 61: ...he scanner engine and vdf files MailGate complete update MailGate scanner engine and vdf files X Start the update process to test the settings usr lib AntiVir avupdate product product where product ta...

Страница 62: ...iVir program Another optional service is the AntiVir Premium Support which in addition to the scope of the AntiVir Classic Support allows you to contact expert partners at any time even after business...

Страница 63: ...Avira GmbH Avira AntiVir MailGate 63 8 3 Contact Address Avira GmbH Lindauer Strasse 21 D 88069 Tettnang Germany Internet You can find further information on us and our products by visiting http www a...

Страница 64: ...rtain event occurs Malware Generic term for foreign bodies of any type These can be interferences such as viruses or other software which the user generally considers as unwanted see also Unwanted Pro...

Страница 65: ...fferent logfiles The syslog daemon configuration is in etc antivir conf Unwanted programs The name for programs that do not directly harm the computer but are not wanted by the user or administrator o...

Страница 66: ...ing and during installation If there are other users connected to your computer you should set the following rules for protection against viruses X Use a test computer to check downloads of new softwa...

Страница 67: ...evious written consent from Avira GmbH Errors and technical subject to change Issued Q1 2009 AntiVir is a registered trademark of the Avira GmbH All other brand and product names are trademarks or reg...

Отзывы: