APPENDIX C. LICENSE AGREEMENT .................................................................... 107
CHAPTER 1. KASPERSKY
®
SMTP-GATEWAY 5.0
Kaspersky® SMTP-Gateway for Linux/Unix (hereinafter referred to as
Kaspersky SMTP-Gateway or the application) is designed for processing and
scanning SMTP mail traffic for viruses. The application is a full-featured mail
relay (compliant with IETF RFC internet standards) that runs under Linux,
FreeBSD and OpenBSD operating systems.
Kaspersky SMTP-Gateway allows to perform the following functions:
• Scan email traffic for viruses, including attached files and message
bodies.
• Detect infected, suspicious, corrupted, and password-protected at-
tachments and message bodies.
• Disinfect infected objects detected in email messages by scanning.
• Provide additional email traffic filtering by names and MIME types of
attachments and apply certain processing rules to the filtered objects.
• Maintain logs of all email messages sent and/or received by the application, if this is required by the internal security policy of the company;
• Provide protection against hacking attacks, block unwanted email
messages, provide the functions of an open mail relay of unsolicited
email messages;
• Limit the load on your server by configuring the application settings
and SMTP parameters.
• Notify senders, recipients, and the administrator of messages contain-
ing infected, suspicious, or corrupted objects.
• Automatically place infected, suspicious, and corrupted objects to the
quarantine or to the backup storage .
• Automatically update the anti-virus database from the Kaspersky
Lab’s update servers.
The application detects and disinfects infected objects using the anti-virus
database. During scans, the contents of each file are compared with the
sample code of known viruses contained in the database.
Kaspersky® SMTP-Gateway 5.0 7
Remember that new viruses appear every day. To keep your
network constantly protected from the latest threats, we recommend that you update your anti-virus database every 3 hours.
• Configure and manage Kaspersky SMTP-Gateway either from a re-
mote location using Webmin web interface, or locally, using standard
OS tools such as command line options, signals, by creating special
command files or by modifying the configuration file of the application.
• Monitor the antivirus protection status and view the statistics and application logs.
1.1. Licensing policy
The licensing policy for Kaspersky SMTP-Gateway imposes limitations on the
use of the product by the following criteria:
• Number of usersprotected by the application
• Email traffic (MB/day)
Each type of licensing is also limited by a certain period (typically one year or two
years from the date of purchase).
You can purchase a license limited by one of the above criteria (for example, by
the daily mail traffic).
The application has slightly different configuration parameters, depending on the
type of license you have purchased. Thus, if the license is issued for a certain
number of users, you will have to create a list of addresses (domains) that will
be protected by Kaspersky SMTP-Gateway. If the license allows protection of
the limited amount of email traffic, the application can be configured to notify the
administrator when the traffic volume reaches critical values and hence the
license is about to expire.
1.2. Hardware and software
requirements
Minimum system requirements for normal operation of Kaspersky SMTPGateway are as follows:
• Hardware requirements:
• Intel Pentium® processor (Pentium III or Pentium 4 recom-
mended)
8 Kaspersky
• at least 128 МB RAM
• 100 MB available space on your hard drive to install the appli-
cation
Note that the backup storage, quarantine, and logs of incoming
and outgoing mail are not included in the hard disk space required. If your network security policy requires the use of the
above features, extra disk space will be needed.
• at least 500 MB available space in the /tmp file system
• Software requirements:
• One of the following operating systems:
o Linux RedHat (version 7.3, 8.0 or 9.0), Linux SuSE (version
8.1, 8.2 or 9.0), or Linux Debian (version 3.0)
o FreeBSD versions 4.9 or 5.2.1
o OpenBSD version 3.4
• Perl interpreter, version 5.0 or higher (www.perl.org
the application.
• Webmin version 1.070 or higher (www.webmin.com
the remote administration module (optional).
®
SMTP-Gateway 5.0
) to install
) to install
1.3. Distribution kit
You can purchase Kaspersky SMTP-Gateway either from our dealers (retail
box) or online at one of our online stores (for example, www.kaspersky.com
follow the E-store link).
The retail box includes:
• a sealed envelope containing the installation CD
• a copy of this User Guide
• a license key file on the installation CD
• a license agreement
Before you unseal the envelope containing the CD, make sure you
have carefully read the license agreement.
If you buy the product online, you will download the installation file from the
Kaspersky Lab website. This installation file also includes this User Guide. The
–
Kaspersky® SMTP-Gateway 5.0 9
license key will either be included into the distribution kit or will be sent to you by
email after receiving your payment.
The License Agreement is a legal agreement between you and the manufacturer
(Kaspersky Lab Ltd.) that stipulates the terms and conditions under which you
may use the anti-virus product you have purchased.
Carefully review the License Agreement!
If you do not agree to the terms of the License Agreement, you may return the
product to your Kaspersky Anti-Virus dealer for a full refund provided that the
envelope with the installation CD has not been unsealed.
By opening the sealed envelope containing the installation CD, or by installing
the application, you confirm that you have accepted all the terms and conditions
of the License Agreement.
1.4. Help desk for registered users
Kaspersky Lab offers an extensive service package enabling registered
customers to boost the productivity of Kaspersky
If you register and purchase a subscription you will be provided with the following
services for the period of your subscription:
• new versions of this anti-virus software product provided free of
charge;
• phone or email support on matters related to the installation, configuration, and operation of the product you have purchased;
• information about new Kaspersky Lab products and about new computer viruses (available to subscribers of the Kaspersky Lab’s newsletter).
Kaspersky Lab does not provide information related to operation and
use of operating systems or other technologies.
SMTP-Gateway.
1.5. Conventions
Various formatting conventions are used throughout the text of this document
depending on the purpose of a particular element. The table below lists the
formatting conventions used.
10 Kaspersky
Convention Meaning
®
SMTP-Gateway 5.0
Bold font
Note.
Attention!
To do this,
1. Step 1.
2. …
Task or example
Solution
[option] – Function of the op-
tion
Text of information
messages and the command line
Menu titles, commands, window titles, dialog
elements, etc.
Additional information, notes
Critical information
Description of the sequence to actions to be
performed by the user
A task or an example of how to use the
product
A solution of the problem stated
Command line options
Text of configuration files, information
messages, and the command line.
CHAPTER 2. APPLICATION
DEPLOYMENT SCENARIOS
This chapter contains a detailed discussion of the application’s architecture and
operating principles as well as typical scenarios of its deployment.
2.1. Application architecture
The review of the functionality of the application must be preceded by a
description of its internal architecture.
Kaspersky SMTP-Gateway is a full-featured Mail Transfer Agent (MTA) able to
receive and route email traffic scanning email messages for viruses. Kaspersky SMTP-Gateway uses SMTP protocol options (RFC 2821), Internet message
format (RFC 2822), MIME format (RFC 2045-2049, 2231, 2646), and satisfies
the requirements to mail relays (RFC 1123). In accordance with anti-spam
recommendations (RFC 2505), the application uses its own relaying table to
prevent using of this application as an open relay. In addition, Kaspersky SMTP-Gateway supports the following SMTP protocol extensions:
• Pipelining – Enhances performance of servers supporting this mode of
operation (RFC 2920).
• 8-bit MIME Transport – Processes national language characters code
tables (RFC 1652).
• Enhanced Error Codes – Provides more informative explanations of
protocol errors (RFC 2034).
• DSN (Delivery Status Notifications) – Decreases bandwidth usage and
provides more reliable diagnostics (RFC 1891, 3461-3464).
• SMTP Message Size Declaration – Decreases the load and increases
transfer rate (RFC 1870).
Kaspersky SMTP-Gateway includes the following components:
• smtpgw - the main component – a full-featured mail relay with in-built
anti-virus protection;
• keepup2date – components that updates the anti-virus database by
downloading the updates from the Kaspersky Lab’s update server.
• Webmin – a module for remote administration of the application using
a web interface (optional installation). This component allows to configure and manage the anti-virus database updates, specify actions to
be performed on the objects depending on their status and monitor
the results of the application’s operation.
The smtpgw component (see Figure 1), in its turn, consists of the following
modules: Receiver (incoming mail receiver), Sender (module for sending
scanned messages), and AV module (module implementing the anti-virus
functionality).
Figure 1. Kaspersky SMTP-Gateway general architecture
®
SMTP-Gateway 5.0
The licensemanager components is used to manage license keys.
the keepup2date component updates the anti-virus database used for detecting
and disinfecting viruses.
2.2. How Kaspersky SMTP-Gateway
works
Kaspersky SMTP-Gateway works as follows (see Figure 2):
1. The mail agent receives email messages via the SMTP protocol and
passes them to the Receiver module.
2. The Receiver module performs the preliminary email processing using
the following criteria:
• presence of the sender’s IP address is in the list of blocked or
trusted addresses.
Application deployment scenarios 13
• compliance of the email message size (as well as the mail session and the total number of messages within the session) with
the specified limits specified in the application settings.
• compliance of the number of open sessions (from all IP addresses or a single IP address)with the specified limits specified
in the application settings.
If the message satisfies the preliminary processing, it is sent to the working
queue to be processed by the anti-virus engine.
3. The processing (scanning and disinfecting) procedure is as follows:
a. The AV module receives an object to be processed from the
working queue.
b. The AV module scans the object and, if this option is enabled,
disinfects it using the anti-virus database records. Then it passes
the scanned object to the ready-to-send message queue along with
the return code that indicates the object’s status.
c. The Sender module handles the object depending on the object’s
status, as defined by the settings stored in the configuration file.
4. Scanned messages together with the information on the scan and
disinfection results are transferred via the SMTP protocol to the onward
mail agent to be delivered to local end users or rerouted to other mail
servers.
Figure 2. Kaspersky SMTP-Gateway working queue.
5. If saving a backup copy in the backup storage or in the quarantine is
specified as the action to be performed on a message (see Figure 3),
the copy of the scanned object will be saved in the backup storage or in
the quarantine concurrently with sending it to the ready-to-send queue
(depending on the message status).
14 Kaspersky
®
SMTP-Gateway 5.0
6. If your network security policy requires logging of all outgoing e-mail
traffic, scanned messages will be automatically saved to the log
concurrently with sending them to the working queue.
Figure 3. Saving messages to the backup storage or the quarantine.
2.3. Typical deployment scenarios
Depending on the initial architecture of the mail server the following options of
Kaspersky Smtp-Gateway are provided:
• Install the application at the network perimeter on the same computer with
your mail system (recommended for Sendmail, Postfix and Exim mail systems).
• Install the application at the network perimeter on a dedicated server to
operate as an anti-virus filter (recommended for Sendmail, Postfix and
Exim mail systems).
• Install the application inside your existing mail system on the same com-
puter.
• Install the application inside your mail system on a dedicated server to
operate as an anti-virus filter.
The sections below discuss in detail the above scenarios and specify their
advantages.
Application deployment scenarios 15
The application, being a mail relay, does not include a local delivery
agent. Therefore, no matter which of the deployment scenarios is used,
a mail system (or mail systems) that delivers e-mail messages to the
local users within the protected domains is required!
2.3.1. Installing the application at the
network perimeter
The advantage of this option is that it improves the overall performance of your
mail system because it minimizes the number of transfer cycles for email
messages.
Besides, in this case the existing mail server of the company has no connection
to the Internet, which enhances your data's security. In addition, demilitarized
zones (DMZ) may be set up.
To install the application and the mail system on the same server, the following
algorithm is provided to ensure their joint operation:
1. Configure all interfaces of Kaspersky SMTP-Gateway to listen on
port 25 for incoming email traffic.
2. The application will scan and process email traffic and then pass
the processed objects the mail system of the company via a
different port (for example port 1025).
3. The mail system, configured to use a local interface, will deliver
messages to users.
When implementing this deployment scenario the following settings must be
configured:
The following steps are to be followed in order to install the application
and the mail system on the same server:
• Configure the application for receiving mail via port 25 on all network interfaces of the server. In order to do this, specify the following value in
section [smtpgw.network] of the configuration file:
ListenOn=0.0.0.0:25
• Specify in the routing table transferring all scanned messages to the mail
system via port 1025. In order to do this, specify the following value in
section [smtpgw.network] of the configuration file:
ForwardRoute=company.com [host:1025]
16 Kaspersky
®
SMTP-Gateway 5.0
where:company.com – protected company’s domain;
host – name of the mail server of the company.
• Change the settings of the existing mail system for receiving messages
from the application via port 1025. This will ensure receipt, anti-virus
scanning of all incoming mail messages and delivery of these messages
to the local users within the protected domains of the company.
• Specify the transferring of all messages received by the existing mail system via port 25 to the application. This will ensure anti-virus scanning of
all outgoing mail messages from the local users and delivery of such
messages to the internet.
• Specify the list of all local domains of the company by modifying the value
of parameter ProtectedDomains in section [smtpgw.network] of the
configuration file of the application (special symbols "*" and "?" can be
used). Mail messages for the specified domains will be scanned and licensed (a detailed description of the configuration file see section A.2,
page 74).
Application configuration for this deployment scenario will be implemented by default during the process installation.
The application operation algorithm, when the application is installed on a
dedicated server, is similar to operation on the same server, but the settings for
this scenario will differ.
When installing the application to a dedicated server, follow the below
instructions.
• Configure the application for receiving mail via port 25 on all network interfaces of the server. In order to do this, specify the following value in
section [smtpgw.network] of the configuration file:
ListenOn=0.0.0.0:25
• Specify in the routing table transferring all scanned messages to the mail
system via port 25. In order to do this, specify the following value in section [smtpgw.network] of the configuration file:
ForwardRoute=company.com [host:25]
where:company.com – protected company’s domain;
host – name of the mail server of the company.
• Specify the list of all local domains of the company by modifying the value
of parameter ProtectedDomains in section [smtpgw.network] (special
Application deployment scenarios 17
symbols "*" and "?" can be used). Mail messages for the specified domains will be scanned and licensed.
This deployment scenario is the most convenient, especially if the installation of Kaspersky SMTP-Gateway is performed concurrently with
the deployment of the network and of the company’s mail system.
2.3.2. Installing the application inside your
mail system
If you install the application inside your mail system, the advantage is that the
information and settings for the anti-virus software installed on the server are not
available on the Internet. Besides, if the application is installed inside the mail
system on the dedicated server, this provides for the possibility to distribute the
load among several servers performing anti-virus scan.
The following algorithm is provided for joint operation of the application and the
mail system installed on the same server:
1. Duplicate your mail system and configure one of them to listen to port
25 and receive email messages via all available interfaces.
2. This mail system forwards all incoming messages through the local
interface via a different port (port 1025, for instance) to the application
for scanning.
3. The application scans the email messages for viruses and forwards
scanned and processed messages to the second mail system on a
different port (for example, port 1026).
4. The second mail system delivers email to the local users.
This deployment scenario is recommended if you are sure of the reliability of your mail system. The installation of the application will not
affect the stability of your mail system.
In general, installation on a dedicated server is similar to the above procedure.
Besides, when installing the application on a dedicated server, you can create
and run several copies of the application on different servers. This can help you
distribute the anti-virus processing load among several servers.
To implement this scenario:
Specify the list of all local domains of the company by modifying the value
of parameter ProtectedDomains in section [smtpgw.network] (special
18 Kaspersky
®
symbols "*" and "?" can be used). Mail messages for the specified domains will be scanned and licensed.
Deploying Kaspersky SMTP-Gateway may require changes of all settings within the mail clients throughout the company so that all outgoing
mail messages will be delivered to the application that will pass the
messages to the external network after an anti-virus scan.
If the network includes a firewall or demilitarized zones (DMZ’s), it is
necessary to provide mail clients and internal and external networks
servers with access to the installed application to ensure joint operation
and routing of the mail traffic.
SMTP-Gateway 5.0
CHAPTER 3. INSTALLING
KASPERSKY ANTI-VIRUS
SMTP-GATEWAY
Before installing Kaspersky SMTP-Gateway, it is necessary to:
• Make sure that your system meets the minimum system requirements
(see section 1.2 on page 7).
• Configure your Internet connection (optional; it is necessary for updating the anti-virus database).
• Log in to the system as root or as a privileged user.
3.1. Installing Kaspersky SMTPGateway under Linux
For servers running the Linux operating system, Kaspersky SMTP-Gateway is
distributed in three different installation packages, depending on the type of the
installation program for your OS.
You can use an rpm package to install Kaspersky SMTP-Gateway under Linux
Red Hat and Linux SuSe.
To install Kaspersky SMTP-Gateway from the rpm package, enter the
following in the command line:
rpm –i smtpgw-linux-5.0.x-yy.i386.rpm
If you are installing the application from the rpm package, after the files
have been copied to your server, run the postinstall.pl script to
perform post-installation configuration.
Under Linux Debian, Kaspersky SMTP-Gateway installation is performed from a
deb package.
To initiate installation of Kaspersky SMTP-Gateway from the deb
package, enter the following command in the command line:
dpkg –i smtpgw-linux-5.0.x.yy.deb
20 Kaspersky
After you enter the command, Kaspersky SMTP-Gateway will be installed
automatically.
You can also use a universal distribution file for all Linux OS. Use this distribution
file if your Linux version does not support the rpm or deb formats or if your
network administrator does not wish to use (or cannot use) a built-in package
manager.
The universal Kaspersky SMTP-Gateway distribution file is supplied as an
archive (tar.gz).
To install Kaspersky SMTP-Gateway from the universal distribution
file, do the following:
1. Copy the archive of the distribution file to a file system directory on
your server.
2. Extract the archive using command
tar -xvf smtpgw-linux-5.0.x.yy.tar.gz
The archive contains the installer and the file tree of the application
distribution file that will be extracted by the above command.
3. Run the following installation script:
cd smtpgw-install
./install.sh
After you enter the command, Kaspersky SMTP-Gateway will be installed
automatically.
®
SMTP-Gateway 5.0
3.2. Installing KAV SMTP-Gateway
on a server running FreeBSD or
OpenBSD
The distribution file for installation of Kaspersky SMTP-Gateway on servers
running FreeBSD or OpenBSD OS is supplied as a pkg package.
Installing Kaspersky Anti-Virus SMTP-Gateway 21
To initiate installation of Kaspersky SMTP-Gateway from a pkg pack-
age, enter the following in the command line:
pkg_add smtpgw-freebsd-4.x-5.0.x.yy.tgz
or:
pkg_add smtpgw-freebsd-5.x-5.0.x.yy.tgz
or:
pkg_add smtpgw-openbsd-3.4-5.0.x.yy.tgz
After you enter the command, Kaspersky SMTP-Gateway will be installed
automatically.
3.3. Installation steps
Installation errors can occur for a number of reasons. If an error message is displayed, make sure that your computer satisfies the minimum
system requirements listed in section 1.2 on page 7 and that you have
logged on to the system as a root.
To install the application on the server, follow the steps below:
Step 1. Preparing the system
At this stage, the system creates the system group and user account for the application. The default group is kavusers and the default user account is ka-vuser. In future, the application will start under this user account (not root) to
provide additional security to your system.
Step 2. Copying application files to your server
The installer starts copying files to the installation directory on your server: A
detailed description of the directories to the application files will be copied, see
section A.1, page 70.
For Linux: /opt/kav/5.0/smtpgw
For OpenBSD and FreeBSD: /usr/local/share/kav/5.0/smtpgw
Step 3. Post-installation tasks
The post-installation configuration includes the following steps:
22 Kaspersky
• Configuring the smtpgw component (see section 3.4 page 22).
• Installing and registering the license key.
• If you have no license key at the time of installation (for example, if
you purchased the application via the Internet and have not received
the license key yet), you can activate the application after installation
before its first use. For details see section 5.4, page 46. Note that if
the license key is not installed, the anti-virus database cannot be updated and the smtpgw component cannot be run during the installation process. You will have to do it manually, after the key is installed.
• Configuring the keepup2date component.
• Updating the anti-virus database.
You must install the anti-virus database before using the application. The procedure of detecting and disinfecting viruses relies on
the use of the anti-virus database records that contain description
of viruses known at the moment and the methods of disinfecting
these viruses. Anti-virus scanning and processing of email messages cannot be performed without the anti-virus database.
• Installing the Webmin module.
The Webmin module for remotely managing the application can be installed
correctly only if the Webmin application is located in the default directory. After Webmin is installed, you will receive detailed instructions on how to configure the module to work with the application.
• Running the smtpgw component.
®
SMTP-Gateway 5.0
If, after installation, Kaspersky SMTP-Gateway has not started working
as required, check the configuration settings. Pay special attention to
the port number you specified for receiving mail traffic. You may also
view the application log file.
After you properly complete these steps, a corresponding message on the server
console will appear.
3.4. Configuring Kaspersky SMTPGateway
Immediately after the files have been copied to your server, system configuration
process will start. Depending on the package manager you use, the configuration
process will either be started automatically or (if the package manager does not
Installing Kaspersky Anti-Virus SMTP-Gateway 23
allow the use of interactive scripts, such as rpm), some additional actions will
have to be performed by the administrator.
If you are using the rpm installation package, enter the following command to start configuration after the files are copied to your server:
/opt/kav/5.0/smtpgw/setup/postinstall.pl
The configuration process includes the following tasks:
• Setting up (by the administrator) of the server name that will be used
to identify the application in the SMTP-protocol commands when creating the DNS and notifications (the [smtpgw.network] section,
Hostname parameter). Enter the host name using the following format: <*.*>.
• Setting up the domain name that will be used to:
• Assign the Postmaster address ([smtpgw.network] section,
Postmaster parameter)
• Assign the sender’s return address for notifications
([smtpgw.options] section, NotifyFromAdress parameter)
• Define the administrator’s address ([smtpgw.options] section,
AdminNotifyAddress parameter)
• Allow incoming mail to this domain ([smtpgw.options] section,
Rule parameter).
Enter the domain name using the following format: <*.*>.
• Defining the interface and port that listens to the incoming email traffic
( [smtpgw.network] section, ListenOn parameter). Type the port
name and the IP address in the format <x.х.х.x:y>, where:
x.х.х.x is the IP address, and
y is the port number.
• Specifying local network identifiers ([smtpgw.access] section, Rule
parameter). This value is used to assign rules for message delivery
and processing, for example, rules specific for your organization concerning mail processing, or blocking email messages from external
servers, etc. Specify the values using the following formats:
<x.х.х.x>, <x.х.х.x/y.y.y.y>, or <x.х.
х.x/y>, where:
x.х.х.x is the IP address, and
y.y.y.y or y is the subnet mask.
24 Kaspersky
®
SMTP-Gateway 5.0
• Specifying the server to which all processed messages will be forwarded ([smtpgw.forward] section, the ForwardRoute parameter).
Type the host name in the format <x.х.х.x:z>, where:
x.х.х.x is the IP address, and
z is the port number.
• Modifying the application configuration file
If all the above steps have been successfully completed, the configuration file will
have all settings that are required to start working with the application.
After the system is installed and configured, it is recommended that you
check the settings for Kaspersky SMTP-Gateway and test its performance. For more details, see Chapter 8 on page 66.
Installing Kaspersky Anti-Virus SMTP-Gateway 25
CHAPTER 4. UNINSTALLING
KASPERSKY SMTPGATEWAY
To uninstall Kaspersky SMTP-Gateway, you should have root privileges. If you
are currently logged under a user account with lesser privileges, log on as a
root.
The uninstallation process will automatically stop the application!
When you are uninstalling Kaspersky SMTP-Gateway, the application will be
stopped, and all files and directories created during installation will be deleted.
However, files and directories created or modified by the administrator, such as
the application configuration file, notification templates, and the quarantine and
backup directories, archives of received and sent messages, anti-virus
databases, license key file, will remain.
There are several different ways to run the uninstall procedure, depending on the
package manager you used. Below is a detailed discussion of these options:
If you installed the application from the rpm package, type the following
string to uninstall Kaspersky SMTP-Gateway:
rpm -e <package_name>
If you installed the application from the deb package, type the following
string to uninstall Kaspersky SMTP-Gateway:
dpkg -r <package_name>
If you installed the application from the universal package (tar.gz),
type the following string to uninstall Kaspersky SMTP-Gateway:
/opt/kav/5.0/smtpgw/setup/uninstall.pl
If you installed the application from the pkg package, type the
following string to uninstall Kaspersky SMTP-Gateway:
pkg_delete <package_name>
After the application has been successfully removed from your server, you will
see a corresponding message on your screen.
CHAPTER 5. USING KASPERSKY
SMTP-GATEWAY
APPLICATION
Using Kaspersky SMTP-Gateway, you can build a comprehensive anti-virus
protection system for email messages transferred through the mail server of your
organization.
The anti-virus protection system is based on the performance of tasks that
represent major functionality of the application.
All tasks implemented by the application may be divided into two major groups:
1. Anti-virus protection of email messages.
2. Updating of the anti-virus database used to detect and disinfect
infected objects.
Each of the above groups include more specific tasks. In this chapter, we will
discuss tasks that the administrator can combine and enhance depending on the
needs of his/her organization.
This guide contains a description of how to locally configure and start tasks from
the command line. Issues related to starting and managing tasks from remote
computers using the Webmin application are not considered in this document.
In all examples below, it is assumed that the administrator has completed all required post-installation tasks and the application operates
correctly.
5.1. Updating anti-virus database
The application detects viruses and disinfect infected objects based on the antivirus database records that contain description of all viruses known at the
moment and the methods used to disinfect objects infected by this viruses.
The keepup2date module is included into the architecture of KasperskySMTP-
Gateway to provide various types of updates. The source of updates are
Kaspersky Lab’s update servers, such as:
ftp://downloads1.kaspersky-labs.com/updates/, etc.
The updcfg.xml file included in the installation package lists the URLs of all
available Kaspersky Lab’s update servers.
To update the anti-virus database or application modules, the keepup2date
component first selects an address from the list of update servers and tries to
download updates from this server. If the server is currently unavailable, the
application connects to another server, trying to download updates. After the
database has been successfully updated, a command specified as the value of
parameter PostUpdateCmd in section [updater.options] of the configuration
file will be executed. By default, this command will automatically restart the
application; it is not recommended to alter this command.
All settings of the keepup2date component are stored in the [updater.*]
sections of the configuration file.
If your network has a complicated structure, we recommend that you download
updates from Kaspersky Lab’s update servers every three hours and place them
to a network directory. To keep other networked computers constantly updated,
configure the local computers to copy the updates from this directory. For
detailed instructions on how to implement this updating scenario, see
section 5.1.3 on page 29.
We urgently recommend that you set the application to update your
anti-virus database every 3 hours!
You can also configure the updating process to run at a certain time by using the
cron utility (see section 0 on page 27) or manually, from the command line (see
section 5.1.2 no page 28).
All Kaspersky Lab’s applications that have the keepup2date component
can be automatically updated.
: view the list of all Kaspersky Lab’s applications that can be up-
Task
dated.
Solution
: in order to implement this task, enter in the command line:
keepup2date –i
This will print to the screen the list that includes the names of all Kaspersky Lab’s
applications that include the keepup2date component as well as their application
ID’s.
28 Kaspersky
®
SMTP-Gateway 5.0
5.1.1. Automatic anti-virus database
updating
You can schedule the application to automatically update the anti-virus database
using the cron program.
Task
: Configure the application to automatically update your anti-virus
database every day at 07.00 a.m. An update server should be selected
from the updcfg.xml file. Only errors encountered in the component
operation should be recorded in the system log. Keep a general log of
all task executions. Output no information to the console.
Solution
1. In the configuration file, specify the appropriate values for the
2. Edit the file that sets the rules for the cron process (crontab –e) by
For Linux:
For FreeBSD and OpenBSD:
: To accomplish the above tasks, do the following:
You can start updating your anti-virus database from the command line at any
time.
Using Kaspersky SMTP-Gateway application 29
: To start updating of the database and save updating results in the
Task
/tmp/updatesreport.log file.
Solution
user that have the rights of a privileged user) and enter in the command
line:
#keepup2date –l /tmp/updatesreport.log
If you need to update the anti-virus database on several server, it may be more
convenient to download the updates from an update server once, save them to a
shared directory, and then update the databases on other computers from this
directory.
Task
/home/kavuser/bases
or empty, update the database from Kaspersky Lab’s update servers.
Save the results to file /tmp/updatesreport.log.
Solution
user that have the rights of a privileged user) and do the following:
1. In the application configuration file, enter the appropriate values for
2. Enter the following string in the command line:
: To accomplish the task, log in as a root user (or as any other
: Start the updating of the anti-virus database from the
shared directory. If this directory is inaccessible
: To accomplish the task, log in as a root user (or as any other
the following parameters:
[updater.options]
UpdateServerUrl=/home/kavuser/bases
UseUpdateServerUrl=yes
UseUpdateServerUrlOnly=no
#keepup2date –l /tmp/updatesreport.log
You can accomplish these or similar tasks remotely using the Webmin
remote administration module.
5.1.3. Creating a shared directory for
storing and sharing database
updates
To update the anti-virus databases correctly on local computers from the shared
directory, you need to create in this directory a file structure that is similar to that
30 Kaspersky
of Kaspersky Lab’s update servers. This is a complicated task that deserves a
detailed explanation.
: Create a shared local directory from which the local computers
Task
will be able to update the anti-virus database.
®
SMTP-Gateway 5.0
Solution
user that have the rights of a privileged user) and do the following:
1. Create a local directory.
2. Run the keepup2date component as follows:
3. Allow local computers on your network to access this directory.
: To accomplish this task, log in as a root user (or as any other
keepup2date –u rdir
where rdir is the full path to the directory created.
5.2. Anti-virus protection of email
traffic
Anti-virus filtering of mail traffic is the most main task of Kaspersky SMTPGateway.
The application is used to protect users against infected messages, and to
deliver only clean or disinfected messages, along with information on scanning
results for every message.
Additional filtration of messages by names and attachment types decrease the
load on the server when scanning email traffic for viruses. This represents only a
part of the application’s functionality. There is an extended discussion of the
application’s functionality below, in the sections describing specific protection
tasks.
All smtpgw settings are located in the [smtpgw.*] sections of the application configuration file.
5.2.1. Creating groups of
recipients/senders
Recipients/Senders group is defined as pairs of recipient/sender email
addresses. A particular email message may be assigned to a particular group
Loading...
+ 82 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.