In this section
•Working with Email Servers:
▫How to Connect Dr.Web for UNIX Mail Servers to an MTA as a Filter via Milter, Spamd, or Rspamd
▫How to Connect Dr.Web for UNIX Mail Servers to an MTA as a Clamd Anti-Virus Filter
▫How to Configure Dr.Web for UNIX Mail Servers in the SMTP Proxy Mode
▫How to Configure the Transparent Proxy Mode for an MTA
•
•General Operation of Dr.Web for UNIX Mail Servers:
▫How to Restart Dr.Web for UNIX Mail Servers
▫How to Connect to a Centralized Protection Server
▫How to Disconnect From a Centralized Protection Server
▫How to Activate Dr.Web for UNIX Mail Servers
▫How to Upgrade Dr.Web for UNIX Mail Servers
▫How to Add or Remove a Component of Dr.Web for UNIX Mail Servers
▫How to Manage Dr.Web for UNIX Mail Servers Component Operation
▫How to View the Log of Dr.Web for UNIX Mail Servers
How to Connect Dr.Web for UNIX Mail Servers to an MTA as a Filter via Milter, Spamd, or Rspamd
Follow the instructions provided in the Integration with MTA as a filter section.
How to Connect Dr.Web for UNIX Mail Servers to an MTA as a Clamd Anti-Virus Filter
Follow the instructions provided in the Integration with External Applications section.
|
In this case, special component Dr.Web MailD designed for email scanning (including scanning for the signs of spam) is not used. Email messages transmitted by an MTA will be scanned by the anti-virus only. In case of threat detection, the message processing is performed directly by the mail server. |
How to Configure Dr.Web for UNIX Mail Servers in the SMTP Proxy Mode
Follow the instructions provided in the Using Dr.Web for UNIX Mail Servers in SMTP Proxy Mode section.
How to Configure the Transparent Proxy Mode for an MTA
Follow the instructions provided in the Using Dr.Web for UNIX Mail Servers in Transparent Proxy Mode section.
How to Restart Dr.Web for UNIX Mail Servers
To restart already running Dr.Web for UNIX Mail Servers, you can use the script that controls the Dr.Web ConfigD configuration management daemon. Starting, stopping, or restarting the daemon will respectively start, stop or restart Dr.Web for UNIX Mail Servers.
The script that controls the operation of Dr.Web ConfigD is stored in the standard OS directory (/etc/init.d/ for GNU/Linux and /usr/local/etc/rc.d/ for FreeBSD) and is named drweb-configd. The script has the following parameters:
Parameter |
Description |
|---|---|
start |
Start Dr.Web ConfigD if it is not running. Upon starting, Dr.Web ConfigD starts all the required components of Dr.Web for UNIX Mail Servers. |
stop |
Shut down Dr.Web ConfigD if it is running. Upon shutting down, Dr.Web ConfigD shuts down all the components of Dr.Web for UNIX Mail Servers. |
restart |
Restart (shut down and start) Dr.Web ConfigD that will shut down and start all Dr.Web for UNIX Mail Servers components. If Dr.Web ConfigD is not running, the parameter has the same effect as start. |
condrestart |
Restart Dr.Web ConfigD only if it is running. |
reload |
Send a HUP signal to Dr.Web ConfigD if it is running. Dr.Web ConfigD forwards this signal to all the components of Dr.Web for UNIX Mail Servers. The parameter is used to make all Dr.Web for UNIX Mail Servers components reread their configuration. |
status |
Output the current state of Dr.Web ConfigD to the console. |
For example, to restart Dr.Web for UNIX Mail Servers (or start it, if it is not running) on an OS of the GNU/Linux family, use the following command:
# /etc/init.d/drweb-configd restart |
How to Connect to a Centralized Protection Server
1.Obtain a centralized protection server address and certificate file from your anti-virus network administrator. You may also need additional parameters such as an identifier and a password for your station or identifiers of the main group and the tariff group.
2.Use the esconnect command of the Dr.Web Ctl command-line tool bundled with Dr.Web for UNIX Mail Servers.
To establish a connection, you must use the --Certificate parameter by specifying a path to the certificate file of the server. You can additionally enter an identifier of your host (“station” in the terms of the centralized protection server) and a password for authentication on the server, if you know them, by using the --Login and --Password parameters. If these parameters are specified, connection to the server will be established only if you specify a correct identifier-password pair. If the parameters are not specified, connection to the server will be established only if it is approved for the server (automatically or by the administrator of the anti-virus network, depending on the server settings).
Moreover, you can use the --Newbie parameter (connect as a new user). If this mode is allowed on the server, after this connection is approved, the server automatically generates a unique identifier-password pair for this host, which will be further used to connect it to the server.
|
In this mode the centralized protection server generates a new account for the host even if this host already has another account on the server. |
A standard example of the command to connect Dr.Web for UNIX Mail Servers to the centralized protection server:
# drweb-ctl esconnect <server address> --Certificate <path to the server certificate file> |
After establishing a connection to the centralized protection server, Dr.Web for UNIX Mail Servers will operate in the centralized protection mode or in the mobile mode, depending on permissions set on the server and the value of the MobileMode configuration parameter of the Dr.Web ES Agent component. To force the mobile mode, set this parameter to On. For operation in the centralized protection mode, set the parameter to Off.
A standard example of the command to switch Dr.Web for UNIX Mail Servers, which is connected to the centralized protection server, to the mobile mode is as follows:
# drweb-ctl cfset ESAgent.MobileMode On |
|
If the centralized protection server in use does not support or does not allow the mobile mode, changing the MobileMode parameter value will not switch Dr.Web for UNIX Mail Servers to the mobile mode. |
How to Disconnect From a Centralized Protection Server
To disconnect Dr.Web for UNIX Mail Servers from the centralized protection server and switch to the standalone mode, use the esdisconnect command of the Dr.Web Ctl tool designed to manage Dr.Web for UNIX Mail Servers from the command line:
# drweb-ctl esdisconnect |
To use Dr.Web for UNIX Mail Servers in standalone mode, a valid license key file is required. Otherwise, anti-virus functions of Dr.Web for UNIX Mail Servers will be blocked after switching to the standalone mode.
How to Activate Dr.Web for UNIX Mail Servers
1.Register on the website of the Doctor Web company at https://products.drweb.com/register/v4.
2.You will receive an archive containing a valid license key file at the email address that you specified during the registration (you can also download this archive directly from the website after you have finished the registration).
3.Install the key file.
How to Upgrade Dr.Web for UNIX Mail Servers
Update component versions or upgrade to a new version.
|
You may be asked to remove the current version of Dr.Web for UNIX Mail Servers. |
How to Add or Remove a Component of Dr.Web for UNIX Mail Servers
Follow the Custom Component Installation and Uninstallation procedure.
|
When installing and uninstalling a component, other Dr.Web for UNIX Mail Servers components can be additionally installed or uninstalled to resolve dependencies. |
How to Manage Dr.Web for UNIX Mail Servers Component Operation
To view the status of Dr.Web for UNIX Mail Servers components and to manage their operation, use:
•The Dr.Web Ctl command-line management tool. Use the drweb-ctl appinfo, drweb-ctl cfshow and drweb-ctl cfset commands. To view the list of available management commands, use the drweb-ctl --help command.
•Dr.Web for UNIX Mail Servers management web interface. By default, you can access it via a web browser at https://127.0.0.1:4443.
How to View the Log of Dr.Web for UNIX Mail Servers
By default, the unified log of all Dr.Web for UNIX Mail Servers components is output to syslog (a file used by the system component syslog to log messages; the file depends on the system and is located in the /var/log directory). Unified log settings are defined in the configuration file in the [Root] section (Log and DefaultLogLevel parameters). Log and LogLevel parameters are provided for each component in its settings section. They set the log storage location and the logging level of messages output by the component to the log.
You can also use the drweb-ctl log command.
To change the logging settings, use the Dr.Web Ctl command-line management tool or the Dr.Web for UNIX Mail Servers management web interface.
To identify errors, configure the output of the unified log of all components to be stored in a separate file and enable the output of detailed debug information. For that, run the commands:
# drweb-ctl cfset Root.Log <log path> |
To reset the unified log settings for all components, run the commands:
# drweb-ctl cfset Root.Log -r |