Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Jaco Bongers on June 19, 2003, 11:45:14 AM
-
For those who are interested in installing AntiVir on SME 5.6:
http://www.caw.co.za/modules.php?name=Forums&file=viewtopic&t=6
As always, any feedback would be much appreciated.
Jaco
-
Jaco,
I'm fairly sure that this is commercial software and is only free for personal use. You probably should point this out on your website.
-
Lloyd
Will add it to the Howto. Thanks
Jaco
Lloyd Keen wrote:
>
> Jaco,
> I'm fairly sure that this is commercial software and is only
> free for personal use. You probably should point this out on
> your website.
-
If you use this software only for private use, you can request a license for free on the manufacturer's homepage, www.antivir.de
cheers
klaus
-
I just installed it according to your how-to, and it looks like it is working. :-)
This bit:
"1. Edit /etc/services and add the line:
smtp-backdoor 825/tcp #Backdoor port for QMail for avscan to work "
is not needed as the following template will create the line for you.
Apart from that, your instructions were very good.
I sent the EICAR test virus out and it was duly stopped. Also, as far as I can tell everything else related to mails works.
I would suggest people take a good look in the /etc/avmailgate.conf file and go through all of the settings. It doesn't take long and it is very well documented with remarks.
One small issue: The warnings from the mailgate do not have a "Date:" field, so Mozilla mail thinks they are from 1970, and that is a bit messy. Do you know anything about that or should I write the antivir.de guys?
Cheers,
Jens
-
There is a small problem with RAR archives. According to the German/(English) forum at
http://www.free-av.de/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=19&t=000229
newer format RAR archives can *not* be scanned. However, before panic sets in, please be advised that PC-Cillin from Trend-Micro just failed the same test! So it is probably not that big a deal.
Here is a list of supported formats (all internal, external not supported):
------------------------------------------------
ZIP
ZIP SFX (self extracting)
ARJ
ARJ SFX (self extracting)
TAR (tape archiver)
GZ
ZOO
Lzexe
Pklite
UUEncoded (+.XXEncoded)
TNEF (Microsoft)
MIME
BinHex (Mac)
MSCOMPRESS
LZH (+.LHA)
LZH (+.LHA) SFX (self extracting)
RAR
RAR SFX (self extracting)
JAR (Java archive)
-
Can I use this howto for 5.5?
Are there any specific details that are specific to 5.6?
Thanks,
Cyrus Bharda
-
Please see:
http://www.free-av.de/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=21&t=000513
for a few additional quirks.
-
After install it said it was running in DEMO mode. Went to their website but could not find license...how would I install the licenses if I was able to obtain it?
Thx.
Jehu.
-
Go to: http://www.hbedv.com/private and register
Place the file they send you in /usr/lib/AntiVir (with the other files).
Cheers,
Jens
-
Cyrus
I haven't tested it on 5.5, but see no reason why it wouldn't work. Maybe you can test it for us :)
Jaco
Cyrus Bharda wrote:
>
> Can I use this howto for 5.5?
>
> Are there any specific details that are specific to 5.6?
>
> Thanks,
>
> Cyrus Bharda
-
Jehu
See the end of the HOWTO
Jaco
Jehu wrote:
>
> After install it said it was running in DEMO mode. Went to
> their website but could not find license...how would I
> install the licenses if I was able to obtain it?
>
> Thx.
>
> Jehu.
-
Jaco,
Smart minds think alike, testing ring now :-)
Cyrus Bharda
Jaco Bongers wrote:
>
> Cyrus
>
> I haven't tested it on 5.5, but see no reason why it
> wouldn't work. Maybe you can test it for us :)
>
> Jaco
>
> Cyrus Bharda wrote:
> >
> > Can I use this howto for 5.5?
> >
> > Are there any specific details that are specific to 5.6?
> >
> > Thanks,
> >
> > Cyrus Bharda
-
Jaco,
Just a quick question, in step 4 of your howto, you say edit the ForwardTo line to sendmail or smtp-backdoor, what is the difference between the two?
I choose smtp-backdoor because in the rest of the howto you refer back to it.
Also do you have to remove the leading # before the ForwardTo line or just edit the line?
Example:
# ForwardTo
OR
ForwardTo
Other than that I have successfully installed it on 5.5, well no errors to report, just got to download eicar and test it out :-)
When are you going to put this up on contribs.org?
Thanks for writing this howto!
Cyrus Bharda
Jaco Bongers wrote:
>
> Cyrus
>
> I haven't tested it on 5.5, but see no reason why it
> wouldn't work. Maybe you can test it for us :)
>
> Jaco
>
> Cyrus Bharda wrote:
> >
> > Can I use this howto for 5.5?
> >
> > Are there any specific details that are specific to 5.6?
> >
> > Thanks,
> >
> > Cyrus Bharda
-
Jaco,
It worked great:
* * * * * * * * * * * * * * * AntiVir ALERT * * * * * * * * * * * * * * *
This version of AntiVir is licensed for private and non-commercial use.
AntiVir has detected the following in a mail sent through your server:
Eicar-Test-Signatur virusEicar-Test-Signatur virus (x2)Eicar-Test-Signatur virus (x3)Eicar-Test-Signatur virus (x4)
The mail was not delivered.
It has been quarantined with the following queue id:
03243-535AFBAC
But what do I do now?
Where does it quarantine it?
How can I set it to just delete infected files/emails?
Well your howto works perfectly on 5.5u6!
Thanks again!
Cyrus Bharda
-
Cyrus
I updated the HOWTO in step 4. Hope it clears up the matter. Feedback is much appreciated.
-- Update
4. Edit also /etc/avmailgate.conf and modify the following entries:
#ForwardTo /usr/sbin/sendmail -oem -oi
# Or if you want the mail to be sent by SMTP
ForwardTo SMTP: localhost port smtp-backdoor
*Note the # indicates a comment line. Remove the # in the ForwardTo SMTP line to enable the command. Do not remove the # in the ForwardTo /usr/sbin/sendmail line.
I also added a comment at the end of the HOWTO that the process works on SME 5.5. Thanks for the work :)
Jaco
Cyrus Bharda wrote:
>
> Jaco,
>
> Just a quick question, in step 4 of your howto, you say edit
> the ForwardTo line to sendmail or smtp-backdoor, what is the
> difference between the two?
>
> I choose smtp-backdoor because in the rest of the howto you
> refer back to it.
>
> Also do you have to remove the leading # before the ForwardTo
> line or just edit the line?
>
> Example:
>
> # ForwardTo
>
> OR
>
> ForwardTo
>
> Other than that I have successfully installed it on 5.5, well
> no errors to report, just got to download eicar and test it
> out :-)
>
> When are you going to put this up on contribs.org?
>
> Thanks for writing this howto!
>
> Cyrus Bharda
>
> Jaco Bongers wrote:
> >
> > Cyrus
> >
> > I haven't tested it on 5.5, but see no reason why it
> > wouldn't work. Maybe you can test it for us :)
> >
> > Jaco
> >
> > Cyrus Bharda wrote:
> > >
> > > Can I use this howto for 5.5?
> > >
> > > Are there any specific details that are specific to 5.6?
> > >
> > > Thanks,
> > >
> > > Cyrus Bharda
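The step 4 question above comes down to two things that can be checked mechanically: exactly one ForwardTo line is uncommented, and a port given by name (smtp-backdoor) resolves through /etc/services. The script below is an added example, not part of the howto or the thread; the function name check_forwardto, its exit codes and the temporary sample files are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not part of the howto: check the step 4 ForwardTo setting.
# check_forwardto and its exit codes are names made up for this sketch:
# 0 ok, 1 no active ForwardTo, 2 more than one active,
# 3 SMTP port is a service name with no tcp entry in the services file.
check_forwardto() {
    conf=$1; services=$2
    pattern='^[[:space:]]*ForwardTo[[:space:]]'
    # Lines starting with # are comments and do not count as active.
    count=$(grep -cE "$pattern" "$conf" || true)
    [ "$count" -ge 1 ] || return 1
    [ "$count" -eq 1 ] || return 2
    # Take the word after "port" from the single active line.
    port=$(grep -E "$pattern" "$conf" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "port") print $(i + 1) }')
    case $port in
        '') return 0 ;;        # sendmail form: nothing to resolve
        *[!0-9]*) ;;           # service name: look it up below
        *) return 0 ;;         # numeric port
    esac
    awk -v name="$port" '$1 == name && $2 ~ /\/tcp$/ { ok = 1 }
        END { exit !ok }' "$services" || return 3
}

# Constructed sample files, using the lines quoted in this thread.
demo_dir=$(mktemp -d)
cat > "$demo_dir/avmailgate.conf" <<'EOF'
#ForwardTo /usr/sbin/sendmail -oem -oi
# Or if you want the mail to be sent by SMTP
ForwardTo SMTP: localhost port smtp-backdoor
EOF
cat > "$demo_dir/services" <<'EOF'
smtp-backdoor 825/tcp #Backdoor port for QMail for avscan to work
EOF
: > "$demo_dir/services.empty"   # services file without the entry

if check_forwardto "$demo_dir/avmailgate.conf" "$demo_dir/services"; then
    echo "ForwardTo OK"
else
    echo "ForwardTo problem, code $?"
fi
```

On a real server the two arguments would be /etc/avmailgate.conf and /etc/services.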
-
Cyrus
> It has been quarantined with the following queue id:
>
> 03243-535AFBAC
>
> But what do I do now?
avq --remove=03243-535AFBAC
or avq --help for more info
>
> Where does it quarantine it?
>
man avmailgate.conf
There is also a FAQ included in the install file (avmailgatex.tgz). You can browse the file using mc
Jaco