In this section
•Working with Email Servers:
▫How to Connect Dr.Web for UNIX Mail Servers to MTA as a Filter via Milter, Spamd, or Rspamd
▫How to Connect Dr.Web for UNIX Mail Servers to MTA as an Anti-Virus Filter Clamd
▫How to Configure Product for SMTP Proxy Mode
▫How to Configure the Transparent Proxy Mode for MTA
•General Operation of Dr.Web for UNIX Mail Servers:
▫How to Restart Dr.Web for UNIX Mail Servers
▫How to Connect to the centralized protection server
▫How to Disconnect From the Centralized Protection Server
▫How to Activate Dr.Web for UNIX Mail Servers
▫How to Upgrade Dr.Web for UNIX Mail Servers
▫How To Add or Remove Dr.Web for UNIX Mail Servers Component
▫How to Manage Dr.Web for UNIX Mail Servers Component Operation
▫How to View Log of the Dr.Web for UNIX Mail Servers
How to Connect Dr.Web for UNIX Mail Servers to MTA as a Filter via Milter, Spamd or Rspamd
Follow the instructions provided in the Integration with MTA as a filter section.
How to Connect Dr.Web for UNIX Mail Servers to MTA as an Anti-Virus Filter Clamd
Follow the instructions provided in the Integration with External Applications section.
|
In this case, special component Dr.Web MailD designed for email scanning (including scanning for the signs of spam) is not used. Email messages transmitted by MTA will be scanned by anti-virus only. In case of threat detection, the message processing is performed directly by the mail server. |
How to Configure Dr.Web for UNIX Mail Servers for SMTP Proxy Mode
Follow the instructions provided in the Using Dr.Web for UNIX Mail Servers in SMTP Proxy Mode section.
How to Configure the Transparent Proxy Mode for MTA
Follow the instructions provided in the Using Dr.Web for UNIX Mail Servers in Transparent Proxy Mode section.
How to Restart Dr.Web for UNIX Mail Servers
To restart Dr.Web for UNIX Mail Servers when it is already running, you can also use the script that controls the Dr.Web ConfigD configuration daemon. Startup, stop, or restart of the daemon cause respectively the startup, stop or restart of Dr.Web for UNIX Mail Servers.
The shell script that controls the operation of Dr.Web ConfigD is residing in the standard OS directory (for GNU/Linux—/etc/init.d/; for FreeBSD—/usr/local/etc/rc.d/). The name of the script is drweb-configd. It has the following parameters:
Parameter |
Description |
|---|---|
start |
Start Dr.Web ConfigD if it is not running. When Dr.Web ConfigD starts, Dr.Web ConfigD launches all the required components of Dr.Web for UNIX Mail Servers. |
stop |
Shut down Dr.Web ConfigD if it is running. When Dr.Web ConfigD is shutting down, Dr.Web ConfigD also shuts down all the components of Dr.Web for UNIX Mail Servers. |
restart |
Restart (shut down and then start) Dr.Web ConfigD. Dr.Web ConfigD shuts down and then starts all the components of Dr.Web for UNIX Mail Servers. If Dr.Web ConfigD is not running, the parameter has the same effect as start. |
condrestart |
Restart Dr.Web ConfigD only if it is running. |
reload |
Send a HUP signal to Dr.Web ConfigD if the component is running. Dr.Web ConfigD forwards this signal to all the components of Dr.Web for UNIX Mail Servers. The parameter is used to make all components reread their configuration. |
status |
Output the current state of Dr.Web ConfigD to the console. |
For example, to restart Dr.Web for UNIX Mail Servers (or start it, if it is not running) in GNU/Linux OS, use the following command:
# /etc/init.d/drweb-configd restart |
How to Connect to the Centralized Protection Server
1.Obtain the address of the centralized protection server and the file of its certificate from your anti-virus network administrator. You may also need additional parameters, such as an identifier and password for your workstation or identifiers of the main group and tariff group.
2.Use the esconnect command of the Dr.Web Ctl command-line tool provided with Dr.Web for UNIX Mail Servers.
For connection it is required to use the option --Certificate by specifying the path to the certificate file of the server. You can additionally enter the identifier of your host (the ID of your “workstation”, if we use the terminology used by the centralized protection server) and a password for authentication on the centralized protection server by using the --Login and --Password parameters. In this case, connection to the server will be established only if you specify a correct identifier-password pair. If the parameters are not specified, connection to the server will be established only if it is approved on the server (automatically or by the administrator of the anti-virus network, depending on the server settings).
Moreover, you can use the --Newbie option (connect as a new user). If this mode is allowed on the server, then after this connection is approved, the server automatically generates a unique identifier/password pair, which will be further used for connection of this agent to the server.
|
In this mode the centralized protection server generates a new account for the host even if this host already has another account on the server. |
A standard example of the command instructing Dr.Web for UNIX Mail Servers to connect to the centralized protection server:
# drweb-ctl esconnect <server address> --Certificate <path to the certificate file> |
After establishing a connection to the centralized protection server, Dr.Web for UNIX Mail Servers will operate in the centralized protection mode or in the mobile mode, depending on the permissions set on the server and the value of the MobileMode configuration parameter of the Dr.Web ES Agent component. To allow unconditional use of the mobile mode, set the parameter value to On. For operation in the centralized protection mode, set the parameter value to Off.
A standard example of the command instructing Dr.Web for UNIX Mail Servers that is connected to the centralized protection server to switch to the mobile mode is as follows:
# drweb-ctl cfset ESAgent.MobileMode On |
|
If the centralized protection server does not support or does not allow to use the mobile mode, adjusting the MobileMode parameter cannot switch operation of Dr.Web for UNIX Mail Servers to the mobile mode. |
How to Disconnect From the Centralized Protection Server
To disconnect Dr.Web for UNIX Mail Servers from the centralized protection server and switch its operation into standalone mode, use the esdisconnect command of the Dr.Web Ctl command-line tool provided in Dr.Web for UNIX Mail Servers:
# drweb-ctl esdisconnect |
To use Dr.Web for UNIX Mail Servers in standalone mode, a valid license key file is required. Otherwise, anti-virus functions of Dr.Web for UNIX Mail Servers will be blocked after the operation is switched to standalone mode.
How to Activate Dr.Web for UNIX Mail Servers
1.Register on Doctor Web website at https://products.drweb.com/register/v4.
2.At the email address that you specified during the registration you will receive an archive containing a valid license key file (you can also download this archive directly from the website after you have finished the registration).
3.Carry out the key file installation procedure.
How to Upgrade Dr.Web for UNIX Mail Servers
Update component versions or upgrade to a new version.
|
During the upgrade you can be asked to remove the current Dr.Web for UNIX Mail Servers version. |
How To Add or Remove Dr.Web for UNIX Mail Servers Component
Follow the Custom Component Installation and Uninstallation procedure.
|
When installing and uninstalling the component, other Dr.Web for UNIX Mail Servers components could be additionally installed or uninstalled to resolve dependencies. |
How to Manage Components Operation
To view the status of Dr.Web for UNIX Mail Servers components and to manage their operation, you can use:
•The command-line-based management tool Dr.Web Ctl (use the drweb-ctl appinfo, drweb-ctl cfshow and drweb-ctl cfset commands. To view the list of available management commands, use the command drweb-ctl --help).
•The management web interface of Dr.Web for UNIX Mail Servers (by default, you can access it via a web browser at https://127.0.0.1:4443/).
How to View Log of the Dr.Web for UNIX Mail Servers
According to default settings the general log of all Dr.Web for UNIX Mail Servers components is displayed in syslog file (the file for logging messages by the system component syslog depends on the system and is located in the directory /var/log). General log settings are defined in the configuration file in the section [Root] (parameters Log and DefaultLogLevel). For each component in their settings section, parameters Log and LogLevel are available. They set the log storage location and the logging level of messages that the component outputs in the log.
Also you can use the drweb-ctl log command.
To change the logging settings, use the Dr.Web Ctl command-line management tool and the Dr.Web for UNIX Mail Servers management web interface (if it is installed).
•To identify errors, we recommend you to configure output of the general log of all components to a separate file and enable output of extended debug information to the log. For that, execute the following commands:
# drweb-ctl cfset Root.Log <path to log file> |
•To return to the default logging method and verbosity level for all components, execute the following commands:
# drweb-ctl cfset Root.Log -r |