eMail Server: Version 3
rpm -Uhv PACKAGE_NAME
/etc/postfix/master.cf
and make
sure the following line is included:
localhost:10025 inet n - n - - smtpd -o content_filter=
SuSEconfig --module postfix
/etc/postfix/main.cf
and
append the following line:
content_filter = vscan:
rcpostfix reload
E-mail messages are still accepted via port 25 of Postfix and handed over to AMaVIS. If necessary, AMaVIS extracts the messages and transfers them to a scanner. After scanning, the messages are returned to Postfix on port 10025, if no virus has been detected. Otherwise, the mail admin receives a notification accordingly and the e-mail is isolated and not delivered.
Infected messages are isolated by AMaViS in the directory
/var/spool/vscan/virusmails/
. The attachments included
in these mails are temporary extracted in /var/spool/vscan/amavis/
.
Therefore, it is advisable to put the directory /var/spool/vscan
on a separate partition to guarantee sufficient hard disk space is
available. This will also avoid affecting the space requirements of the user
mail boxes and the whole system.
The instructions describe how to install AMaViS along with the virus scanner
antivir
from the company H+B EDV.
We absolutely recommend you upgrade the virus sample file.
Refer to the manufacturer for this purpose.
If you want to use a different virus scanner, install it instead of the package
antivir.rpm
then proceed with the installation of the rest of the
packages in the order mentioned above. Finally, edit the file /usr/sbin/amavis
and insert the path to your virus scanner in the corresponding
section. A list of the supported
scanners and some helpful information is available in the directory
/usr/share/doc/packages/amavis-postfix/
of the installed AMaViS, as well as
on the AMaVIS home page.
An example of a new scanner entry follows.
# KasperskyLab AntiViral Toolkit Pro (AVP) my $avp = "/opt/AVP/AvpLinux"; my $AVPDIR = dirname($avp);
To remove the entry for a scanner, change
it as follows:
Before:
my $avp = "/opt/AVP/AvpLinux";
my $avp = "";
A test file like eicar.com
enables you to
test the functioning of the virus scanner.
Attention: The test is performed at your own risk!
Background information is provided at the URL below.
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
eicar.com
The mail admin should now obtain a notification about a possible virus. In this case, it is not a real virus, but merely a test that can be carried out with most virus scanners. However, never send this test file to other e-mail servers! Further information on this test can be found at http://www.eicar.org/anti_virus_test_file.htm.
SDB-kngu_slems3_amavis
)