Dr.Web MailD

The Dr.Web MailD component scans email directly. It detects malicious content (not only attachments but also links to malicious or unwanted websites), analyzes messages for signs of spam, and checks their compliance with the security criteria set by the email system administrator (the message body and headers are scanned using regular expressions specified by the administrator).

The component can be integrated with an email server (MTA) via the standard Milter, Spamd and Rspamd interfaces (these interfaces are usually used by the SpamAssassin filter), or into the email protocols (SMTP, POP3 and IMAP) transparently for the sending and receiving parties (MTA and MTA, MDA and MUA). With the second method, Dr.Web MailD uses the SpIDer Gate network traffic monitor. In external filter mode, email attachments can be analyzed by the Dr.Web vxCube web service if integration with it is enabled.

Since the SpIDer Gate monitor runs only on OSes of the GNU/Linux family, the transparent integration method (“proxy” mode) is available only for email servers running on GNU/Linux.

Under a very high email scanning load, scanning issues can occur because the Dr.Web Network Checker component runs out of available file descriptors. In this case, increase the limit on the number of file descriptors available to Dr.Web Mail Security Suite.

Details:

Operating Principles

Command-Line Arguments

Configuration Parameters

Integration with Email Systems

Integration with Dr.Web vxCube

Email Processing in Lua