If your mail server cannot be integrated with Dr.Web for UNIX Mail Servers via Milter, Spamd or Rspamd interfaces or via the protocol, you can protect it with the Dr.Web Firewall for Linux. You need to configure Dr.Web Firewall for Linux so that all data coming to the server with Dr.Web for UNIX Mail Servers installed be checked by the network connections monitor (transparent proxy mode).
To configure Dr.Web for UNIX Mail Servers, edit the values of the following parameters in the [MailD] section) in the configuration file:
•using TemplateContacts and ReportLanguages parameters, specify the parameters of email generation when repacking email messages with threats and/or spam;
•for the TemplateContacts parameter specify the address of the mail server administrator to whom the messages will be sent if threats or spam are detected;
•in the RepackPassword parameter value, specify the method of passwords generation for protected archives with threats to be added to email messages when being repacked.
To configure the Transparent Proxy Mode, change the values in the [LinuxFirewall] in the configuration file:
To view and to change the settings of Dr.Web Firewall for Linux, you can use the following means:
•The —Dr.Web Ctl (use the drweb-ctl cfshow and drweb-ctl cfset commands).
•The management of Dr.Web for UNIX Mail Servers (by default, you can access it via a web browser at https://127.0.0.1:4443/).
To provide integration of Dr.Web for UNIX Mail Servers into the channels of email delivery that use the SSL/TLS secure connection:
1.Enable scanning of the traffic transmitted via SSL/TLS by indicating the value of the corresponding parameter by executing the command:
It is recommended that the command cfset of the tool drweb-ctl or management web interface is used, because in this case the scanning rules will change automatically. They depend on this parameter.
2.Export the certificate, which will be used by Dr.Web for UNIX Mail Servers for SSL/TLS connection:
3.Add the obtained certificate to the system list of trusted certificates and specify it as the trusted certificate for mail clients and server. For details, see section.
Set the values of the following parameters in the [LinuxFirewall]section in the configuration file:
1.Parameters that limit the length and resource intensity of email message scanning (ScanTimeout, HeuristicAnalysis, PackerMaxLevel, ArchiveMaxLevel, MailMaxLevel, ContainerMaxLevel, MaxCompressionRatio). If you do not need detailed tuning, do not change the values of these parameters.
2.The Block* parameters specifying the settings for scanning links and files in email messages.
3.The BlockUnchecked, specifying the action for Dr.Web MailD to take in case of impossibility to scan the received email message. If this parameter is set to Yes, the message is to be rejected.
For a more detailed configuration of the filtering rules edit the or the RuleSet .
After all settings are adjusted, restart Dr.Web for UNIX Mail Servers with the following :
You can also restart the configuration daemon Dr.Web ConfigD with the following command: