Dr.Web MailD

Dr.Web MailD is designed for direct email scanning, detection of malicious contents (not only attachments but also links to unwanted websites), and analysis of messages for signs of spam, their compliance with the security criteria indicated by a mail system administrator (scanning of body and headers of email messages using regular expressions specified by the administrator).

The component could be integrated into the mail server (MTA) via the standard interfaces Milter, Spamd, and Rspamd (these interfaces are usually used by the filter SpamAssassin), as well as into mail protocols (SMTP, POP3 and IMAP) transparent for the sending and receiving parties (MTA and MTA, MDA and MUA). The second method implies that the functionality of the SpIDer Gate component for scanning of network traffic is used by the Dr.Web MailD component. In the external filter mode, email attachments can be analyzed by the Dr.Web vxCube web service if Dr.Web vxCube integration is enabled.

As the SpIDer Gate monitor operates only in the GNU/Linux environment, the method of the transparent integration (“proxy” mode) is available only for the mail servers that operate in the GNU/Linux environment.


In case of high intensity of the scanning of email messages, there is a possibility of having problems with their scanning due to depletion of the number of available file descriptors by the Dr.Web Network Checker component. In this case, it is necessary to increase the limit of the number of file descriptors available to Dr.Web for UNIX Mail Servers.




Operating Principles

Command-Line Arguments

Configuration Parameters

Integration with Mail Systems

Integration with Dr.Web vxCube

Email Processing in Lua