Installation manual
9.7 Setting ESETS for outbound email message scanning
Outbound email message scanning is performed using the esets_smtp daemon. In the [smtp] section of the ESETS configuration file, set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 2525
where ‘listen_addr’ is the address of the local network interface named if0. Then, restart the ESETS daemon. The next step is to redirect all SMTP requests to esets_smtp. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule would be:
ipchains -A INPUT -p tcp -i if0 --dport 25 -j REDIRECT 2525
If IP-filtering is being performed by the iptables administration tool, the rule is:
iptables -t nat -A PREROUTING -p tcp -i if0 --dport 25 -j REDIRECT --to-ports 2525
On FreeBSD, the rule is as follows:
ipfw add fwd 192.168.1.10,2525 tcp from any to any 25 via if0 in
On NetBSD and Solaris:
echo 'rdr if0 0.0.0.0/0 port 25 -> 192.168.1.10 port 2525 tcp' | ipnat -f -
Warning: Your MTA may accept all connections from esets_smtp without extensive checking because those connections are local. By using your own firewall rules, make sure you do not create an open relay, i.e., allow someone from the outside to connect to esets_smtp and use it as a relay SMTP server.
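One way to check the two conditions the warning depends on, as an added example that is not part of the ESETS manual: the script reads the [smtp] parameters shown above and inspects iptables-save output for the redirect rule. The function names, the finding labels, the sample file names and the treatment of an empty or 0.0.0.0 listen_addr as "bound to every interface" are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the ESETS manual. Sample files are constructed.

# ini_get SECTION KEY FILE: print KEY's value from [SECTION], quotes stripped.
ini_get() {
    awk -v sec="[$1]" -v key="$2" '
        /^[ \t]*\[/ { gsub(/[ \t]/, ""); insec = ($0 == sec); next }
        insec && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", k)
            v = substr($0, index($0, "=") + 1);    gsub(/[ \t"]/, "", v)
            if (k == key) { print v; exit }
        }' "$3"
}

# audit_agent SECTION PUBLIC_PORT INSIDE_IF CONF RULES: one finding per line.
audit_agent() {
    addr=$(ini_get "$1" listen_addr "$4")
    port=$(ini_get "$1" listen_port "$4")
    [ "$(ini_get "$1" agent_enabled "$4")" = yes ] || echo "AGENT_DISABLED"
    case "$addr" in
        ""|0.0.0.0) echo "WILDCARD_LISTEN" ;;  # assumed: bound to every interface
    esac
    # Redirect rules for this service, in iptables-save syntax.
    rules=$(grep -- "-A PREROUTING" "$5" | grep -- "--dport $2 " |
            grep -- "-j REDIRECT --to-ports $port\$") || true
    if [ -z "$rules" ]; then
        echo "NO_REDIRECT"
    elif echo "$rules" | grep -qv -- "[^!] -i $3 "; then
        echo "REDIRECT_NOT_LIMITED_TO_$3"      # outside traffic is redirected too
    fi
}

# Constructed input: the [smtp] section from this page and two rule sets.
tmp=$(mktemp -d)
printf '%s\n' '[smtp]' 'agent_enabled = yes' 'listen_addr = "192.168.1.10"' \
    'listen_port = 2525' > "$tmp/sample.cfg"
printf '%s\n' '*nat' \
    '-A PREROUTING -i if0 -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 2525' \
    'COMMIT' > "$tmp/good.rules"
printf '%s\n' '*nat' \
    '-A PREROUTING -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 2525' \
    'COMMIT' > "$tmp/loose.rules"
echo "good:  $(audit_agent smtp 25 if0 "$tmp/sample.cfg" "$tmp/good.rules")"
echo "loose: $(audit_agent smtp 25 if0 "$tmp/sample.cfg" "$tmp/loose.rules")"
```

An empty result means neither condition was found; it does not replace testing from an outside host that the MTA refuses to relay.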
9.8 Setting ESETS for scanning of POP3 communication
The POP3 communication scanning is performed using the esets_pop3 daemon. In the [pop3] section of the ESETS configuration file, set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8110
where ‘listen_addr’ is the address of the local network interface named if0. Then restart the ESETS daemon. The next step is to redirect all POP3 requests to esets_pop3. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule is:
ipchains -A INPUT -p tcp -i if0 --dport 110 -j REDIRECT 8110
If IP-filtering is being performed by the iptables administration tool, the rule would be:
iptables -t nat -A PREROUTING -p tcp -i if0 --dport 110 -j REDIRECT --to-ports 8110
On FreeBSD, the rule is as follows:
ipfw add fwd 192.168.1.10,8110 tcp from any to any 110 via if0 in
On NetBSD and Solaris:
echo 'rdr if0 0.0.0.0/0 port 110 -> 192.168.1.10 port 8110 tcp' | ipnat -f -
9.9 Setting ESETS for scanning of IMAP communication
The IMAP communication scanning is performed using the esets_imap daemon. In the [imap] section of the ESETS configuration file, set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8143
where ‘listen_addr’ is the address of the local network interface named if0. Then restart the ESETS daemon. The next step is to redirect all IMAP requests to esets_imap. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule would be:
ipchains -A INPUT -p tcp -i if0 --dport 143 -j REDIRECT 8143
If IP-filtering is being performed by the iptables administration tool, the rule is: