Installation manual

ManualsBrandsESET ManualsSoftwareNOD32 ANTIVIRUS - FOR LINUX MAIL SERVERS

/etc/init.d/nod32d reload

To accomplish the whole procedure, one has to restart the MTA Exim.

Note that NOD32LMS/NOD32BMS provides you with the option to dene NOD32 scanning engine parameters

individually for recipient users (resp. recipient domains). In this case it is necessary to pass the information about

the recipient user to nod32mda module using its command line interface. Note that in case you would like to pass

any command line parameter to the whole nod32mda agent it is necessary to prepend the parameter by sentence ‚-

-‘, otherwise the parameter will be assumed to be passed to ‘exim‘ specied by the ‘mda_path‘ parameter. Thus for

instance to pass command line option --user to nod32mda agent, the parameter ‘command‘ dened in TRANSPORTS

CONFIGURATION entry must by as follows:

command=/usr/bin/nod32mda-oMrvirus-scanned$local_part@$domain\

----user$local_part

resp. in case of RedHat Ready and Novell (SuSE) Ready variation of NOD32 for Linux Mail Server used, the ’command’

parameter has to be dened as follows:

command=/opt/eset/nod32/bin/nod32mda-oMrvirus-scanned$local_part@$domain\

----user$local_part

4.2. Scanning of outbound e-mail messages

Scanning of the outbound e-mail messages is performed during transfer of e-mail messages between the local MUA

and the MTA. A more detailed scheme of the process is shown in the gure 4-3.

The most important part of scanning the outbound messages is done by the nod32smtp module.

This lter is a resident program (daemon) that performs in general three functions:

• receives data via INET socket,

• extracts e-mail/s and feeds nod32d (scanning daemon) to scan it,

• forwards the e-mail to another port or computer.

The operation principle of outbound e-mail messages scanning is based on the following idea. We congure a

nod32smtp daemon to listen to communication incoming to port 2525 of the email server computer and forward the

scanned communication to port 25 of the same computer where, typically, the MTA daemon listens to. To congure

nod32smtp to intercept outbound email messages the following parameters must be specied in section [smtp] of the

main NOD32 conguration le.

agent_enabled = yes

listen_addr = “localhost“

listen_port=2525

server_addr = “localhost“

server_port=25

To reread the newly created NOD32 conguration,

enter the following command.

/etc/init.d/nod32d reload

So far this is just half of the job. The second part that

has to be done is automatic redirection of all the packets

arriving on port 25 of the server computer to port 2525. In

NOD32D

NOD32SMPT

INTERNET

FILEMTA

TCP port 2525TCP port 25

Local Network 192.168.1.0/24

Figure 4-3. The scheme of the scanning of outbound e-mail

messages by using nod32smtp module.

NOD32 for Linux/BSD Mail Server