Wilders Security Forums  

#1 June 2nd, 2009, 10:20 AM
grolon (Infrequent Poster, Join Date: Jun 2009, Posts: 4)
ESET Mail Security for Debian - 32 bit 3.0.15 under Ubuntu Server 9.04

Hi all,
I'm working with a couple of customers integrating ESET Mail Security for Debian - 32 bit 3.0.15 under Ubuntu Server 9.04, using postfix.

Installation is normal as manual says.

My /etc/esets/esets.cfg looks like this.
root@mib:~# cat /etc/esets/esets.cfg | grep ^[^#]

[global]
syslog_facility = "syslog"
syslog_class = "error:warning:summ:summall:part:partall:info:debug"
action_av = "scan"
av_clean_mode = "standard"
action_av_infected = "discard"
action_av_notscanned = "discard"
action_av_deleted = "discard"
av_quarantine_enabled = yes
action_as = "accept"
action_as_spam = "discard"
action_as_notscanned = "discard"
av_update_period = 60
av_update_username = "EAV-00000000"
av_update_password = "mmmmmmmmm"
as_update_period = 60

[wwwi]
agent_enabled = yes
listen_addr = "0.0.0.0"
listen_port = 8443
username = "admin"
password = "admin"

[mda]
mda_path = "/usr/bin/procmail"

[smtp]
[smfi]
[http]
[ftp]
[icap]
[pop3]
[imap]
[pac]
action_av_deleted = "accept"

[dac]
action_av_deleted = "accept"

[scan]
av_clean_mode = "none"

root@mib:~#

Problem: Customers claim antispam is not working. Using www interface -> control -> statistics, I can see a lot of mails coming to mail server but none is marked as SPAM. What is wrong with configuration?

I have read the manual http://www.eset-la.com/manuals/eset_...ecurity_ES.pdf (Spanish). So don't RTFM me please. On page 22 the manual says something about "av_enabled (Anti-Virus Enabled)" and "as_enabled (Spam Detect Enabled)" parameters, but I can't find them in /etc/esets/esets.cfg. Are they necessary?

Additional info: removed Amavi-new and spamassassin and using ESET Solution only.

Log file says :

Jun 2 10:12:05 mib esets_daemon[20589]: debug[506c0000]: Using configuration for section `wwwi'
Jun 2 10:12:05 mib esets_daemon[20590]: debug[506e0000]: License registration key(s) control
Jun 2 10:12:05 mib esets_daemon[20590]: debug[506e0000]: License: product name: ESET Mail Security, expiration date: 2009-07-31 20:00:00, license filename: `/etc/esets/license/esets_e54c64.lic'
Jun 2 10:12:05 mib esets_daemon[20590]: debug[506e0000]: Start anti-virus modules update and reload
Jun 2 10:12:05 mib esets_daemon[20590]: debug[506e0201]: Connection request from agent 'wwwi' accepted
Jun 2 10:12:05 mib esets_daemon[20590]: debug[506e0201]: Searching for section `wwwi' user `' in configuration
Jun 2 10:12:05 mib esets_daemon[20590]: debug[506e0201]: Using configuration for section `wwwi'
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: ESETS WWW Interface module, version 3.0.15, (C) 2009 ESET, spol. s r.o.
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: Dump global esets_wwwi setting information
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: Syslog facility - syslog_facility = "syslog"
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: Enable classes of syslog - syslog_class = "error:warning:summ:summall:part:partall:info:debug"
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: Listen address - listen_addr = "0.0.0.0"
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: Listen port - listen_port = 8443
Jun 2 10:12:05 mib esets_wwwi[20592]: debug[50700000]: Server is listening on 0.0.0.0:8443
root@mib:~#

There is no mention about an AntiSpam Module.

Any help?

Thanks in advance

Guido R. Rolon A.
HS S. A. (Integrating Linux Solutions)
grolon@hs.com.py
#2 June 23rd, 2009, 10:42 AM
grolon (Infrequent Poster, Join Date: Jun 2009, Posts: 4)
Re: ESET Mail Security for Debian - 32 bit 3.0.15 under Ubuntu Server 9.04

This is a shame. There is no support from ESET to solve this problem.

Coming from Unix/Linux support for 15 years, I can say this problem is solved using old-school skills. There is NO documentation about this; no PDF downloaded from ESET sites will give you the answer. No forum could help.

Here it is.

In order to get antispam working under any linux distro you have to do this procedure in addition to official ESET manual of ESET Mail Security.

In /etc/esets/esets.cfg modify these parameters

# action_as = "accept" this is default. Does nothing. AntiSpam module is not working. Accept anything.
# action_as = "reject" Reject everything, nothing will be delivered to user.
# action_as = "discard" Discard everything, nothing will be delivered to user.

action_as = "scan"
# This is the only option to activate AntiSpam module.

action_as_spam = "accept", "defer", "discard", "reject" what do you want to do when spam is coming?

action_as_notscanned = "accept", "defer", "discard", "reject" what do you want to do when objects could not be scanned by Anti-Spam scanner.

After changing these parameters, first update all modules; then restart.
NOTICE: your mail server could be out of service until update process is finished.

I run:
root@mib:~# date; /etc/init.d/esets_daemon restart; date
jue jun 18 15:25:04 PYT 2009
Restarting ESET Security for Linux: esets_daemon
Updating anti-virus modules...
Anti-virus modules update done(this is easy)

Start first time anti-spam modules update,
it may take several minutes, please wait...
error[582c0000]: Anti-spam modules update failure: Network error, disabling anti-spam.
.
jue jun 18 15:44:17 PYT 2009
root@mib:~#

I have included the date command in order to know how long the update process takes. Official support said it could not be more than 10 minutes (BTW this info is not documented), but it took more than 35 minutes.

For some reason you will not be advised that an update process is taking place. If you see a message like

error[582c0000]: Anti-spam modules update failure: Network error, disabling anti-spam.

Just repeat the process and wait.

Or, you can update it manually:

root@mib:~# esets_update
Virus signature database has been updated successfully.
Installed virus signature database version 4180 (20090623).
root@mib:~#

Finally, you can see your log if activated

Jun 19 17:31:25 mail esets_daemon[31846]: debug[7c660000]: Anti-virus modules update and reload done
Jun 19 17:31:25 mail esets_daemon[31846]: debug[7c660000]: Start anti-spam modules update and reload
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: New version of anti-spam module(s) found and loaded
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '1', version 2009.06.18.20.24.30
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '2', version 2005.02.11.04.44.13
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '3', version nil
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '4', version nil
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '5', version 2009.04.13.23.00.00
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '6', version 2007.02.13.01.23.26
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '7', version nil
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '8', version nil
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '9', version 2009.05.12.18.49.27
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '10', version 2009.06.19.21.01.01
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '11', version 2009.06.19.01.40.01
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '12', version 2009.06.19.21.26.11
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '13', version nil
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '14', version nil
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam module '15', version 2009.05.22.21.00.02
Jun 19 17:31:50 mail esets_daemon[31846]: debug[7c660000]: Anti-spam modules update and reload done
[root@mail postfix]#

Antispam module is updated.

Official support said this is documented under manpage. You tell me if you find it and why make it so difficult

root@mib:~# man esets.cfg

action_as = action

type: string

default: action = "accept"

Defines action to be performed on all e-mail messages approaching Anti-Spam control. Possible values are "scan", "accept", "defer", "discard",
"reject". Note that the values above are handled individually by every ESETS agent module. Thus to get description of the values please, refer to
section HANDLE OBJECT POLICY of manual page of an appropriate agent.

action_as_spam = action

type: string

default: action = "accept"

Specifies the action performed on e-mail messages found as spam. Possible values are "accept", "defer", "discard", "reject". Note that the values
above are handled individually by every ESETS agent module. Thus to get description of the values please, refer to section HANDLE OBJECT POLICY of
manual page of an appropriate agent.

action_as_notscanned = action

type: string

default: action = "accept"

Specifies the action performed on objects that could not be scanned by Anti-Spam scanner. Possible values are "accept", "defer", "discard",
"reject". Note that the values above are handled individually by every ESETS agent module. Thus to get description of the values please, refer to
section HANDLE OBJECT POLICY of manual page of an appropriate agent.

root@mib:~# man esets_mda

action_av_deleted, action_as, action_as_spam and action_as_notscanned. To get description of these configuration options, see esets.cfg(5) manual page.

action_av
|accept||scan||defer,discard,reject| -> object not accepted
| |
| action_av_infected
| action_av_notscanned
| action_av_deleted
| |accept||defer,discard,reject| -> object not accepted
| |
| action_as
| |accept||scan||defer,discard,reject| -> object not accepted
| | |
| | action_as_notscanned
| | |accept||defer,discard,reject| -> object not accepted
| | |
+-------+-------+
object accepted

Every e-mail message processed by this module is first handled with respect to the setting of the configuration option action_av. Once the option is set
to "accept" (resp. "defer", "discard", "reject") the object is accepted (resp. deferred, discarded, rejected). If the option is set to "scan" the object
is scanned (resp. also cleaned if requested by configuration option av_clean_mode) for virus infiltrations and set of action configuration options
action_av_infected, action_av_notscanned and action_av_deleted is taken into account to evaluate further handling of the object. If action "accept" has
been taken as a result of the three above action options the object processed shall be scanned for spam.

Note that the e-mail message is scanned for spam only in case the configuration option action_as is set to "scan". In this case the action configuration
options action_as_spam and action_as_notscanned is taken into account. If action "accept" (resp. "defer", "discard", "reject") has been taken as a result
of the two above action options the object is accepted for further delivery (resp. the object is deferred, discarded or rejected).

You have probably noticed that each of the action configuration options discussed above accepts a variety of the values whose list can be found in
esets.cfg(5) manual page. As also stated there the values listed are handled individually by every ESETS agent module. Thus to be consistent in the
following we review the meaning of the values for this ESETS agent module.

accept Accept object on this level of Handle Object Policy, i.e. access to the object is allowed by the particular action configuration option.

scan Scan object for virus infiltrations (resp. for spam) and clean infected objects if requested by configuration option av_clean_mode.

defer Return temporary failure to sender.

discard Accept object from sender, but drop it afterward.

reject Return permanent error to sender.


Sorry for my poor English; I hope this can help anybody using or trying this product under Linux.

NOTE : this procedure is GPLed. Just keep my name on it.

Feel free to contact me.

Guido R. Rolon. A.
grolon@hs.com.py
grolon@gmail.com

Last edited by grolon : June 23rd, 2009 at 10:49 AM.
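
The behaviour described in this thread, as an added example (not from the posts or from ESET): a Python model of the Handle Object Policy quoted from the esets_mda manual page, showing why action_as = "accept" delivers spam without the anti-spam scanner ever running. The sample config is constructed from the first post; the function names, inheritance of [global] values by agent sections, and a clean anti-virus result counting as "accept" are assumptions.

```python
import configparser

# Constructed sample: the action_* lines of [global] from the first post's esets.cfg.
SAMPLE_CFG = """
[global]
action_av = "scan"
action_av_infected = "discard"
action_av_notscanned = "discard"
action_av_deleted = "discard"
action_as = "accept"
action_as_spam = "discard"
action_as_notscanned = "discard"

[mda]
mda_path = "/usr/bin/procmail"
"""

# Defaults quoted from esets.cfg(5) in the thread.
DEFAULTS = {"action_as": "accept", "action_as_spam": "accept",
            "action_as_notscanned": "accept"}


def effective(cfg_text, section):
    """Options seen by one agent section. Assumption: an agent section
    inherits [global] values unless it overrides them."""
    cp = configparser.ConfigParser(interpolation=None, default_section="global")
    cp.read_string(cfg_text)
    opts = dict(DEFAULTS)
    opts.update({k: v.strip().strip('"') for k, v in cp[section].items()})
    return opts


def disposition(opts, av_result="clean", as_result="ham"):
    """Return (final action, whether the anti-spam scanner ran).
    av_result: clean | infected | notscanned | deleted
    as_result: ham | spam | notscanned"""
    act = opts["action_av"]
    if act == "scan":  # a clean scan result is treated as accept (assumption)
        act = "accept" if av_result == "clean" else opts["action_av_" + av_result]
    if act != "accept":
        return act, False  # defer/discard/reject at the anti-virus stage
    act = opts["action_as"]
    if act != "scan":
        return act, False  # anti-spam scanner is never consulted
    if as_result == "ham":
        return "accept", True
    return opts["action_as_" + as_result], True


if __name__ == "__main__":
    fixed = SAMPLE_CFG.replace('action_as = "accept"', 'action_as = "scan"')
    print("before:", disposition(effective(SAMPLE_CFG, "mda"), as_result="spam"))
    print("after: ", disposition(effective(fixed, "mda"), as_result="spam"))
```
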
 
