In this section
•List of Supported Operating System Versions
•Additional Packages and Components
•Compatibility with Security Subsystems
You can use Dr.Web for UNIX Mail Servers on a computer that meets the following requirements:
Component |
Requirement |
|---|---|
Platform |
Processors of the following architectures and command systems are supported: •Intel/AMD: 32-bit (IA-32, x86); 64-bit (x86-64, x64, amd64) •ARM64 •E2K (Elbrus) •IBM POWER9, Power10 (ppc64el) |
RAM |
At least 500 MB of free RAM (1 GB or more is recommended) |
Free disk space |
At least 2 GB of free disk space on a volume where the product directories are located |
Operating system |
GNU/Linux (based on kernel version 2.6.37 or later, using glibc library 2.13 or later, systemd initialization system ver. 209 or later), FreeBSD. The supported operating system versions are listed below. The operating system must support the PAM authentication mechanism |
Other |
The following valid network connections: •valid Internet connection to enable updates for virus databases and Dr.Web components; •when operating in the centralized protection mode, connection to the server on the local network is enough; connection to the Internet is not required |
|
To enable the correct operation of the Dr.Web Firewall for Linux component, the OS kernel must be built with the following options: •CONFIG_NETLINK_DIAG, CONFIG_INET_TCP_DIAG; •CONFIG_NF_CONNTRACK_IPV4, CONFIG_NF_CONNTRACK_IPV6, •CONFIG_NETFILTER_NETLINK_QUEUE, The set of required options from the specified list can depend on the relevant OS version. |
To enable the correct operation of Dr.Web for UNIX Mail Servers, open the following ports:
Purpose |
Direction |
Port numbers |
|---|---|---|
To receive updates |
outgoing |
80 |
To connect to the Dr.Web Cloud service |
outgoing |
2075 (including those for UDP), |
List of Supported Operating System Versions
•GNU/Linux
Platform |
Supported GNU/Linux versions |
|---|---|
x86_64 |
•ALT 8 SP •ALT Server 9, 10 •ALT Workstation 9, 10 •Astra Linux Common Edition (Orel) 2.12 •Astra Linux Special Edition 1.5 (with cumulative patch 20201201SE15), 1.6 (with cumulative patch 20200722SE16), 1.7, 1.8 •CentOS 7, 8 •Debian 9, 10, 11, 12 •Fedora 37, 38 •GosLinux IC6 •Red Hat Enterprise Linux 7, 8 •RED OS 7.2 MUROM, RED OS 7.3 MUROM, RED OS 8 •SUSE Linux Enterprise Server 12 SP3 •Ubuntu 18.04, 20.04, 22.04, 24.04 |
x86 |
•ALT 8 SP •ALT Workstation 9, 10 •CentOS 7 •Debian 10 |
ARM64 |
•ALT 8 SP •ALT Server 9, 10 •ALT Workstation 9, 10 •Astra Linux Special Edition (Novorossiysk) 4.7 •CentOS 7, 8 •Debian 11, 12 •Ubuntu 18.04 |
E2K |
•ALT 8 SP •ALT Server 10 •ALT Workstation 10 •Astra Linux Special Edition (Leningrad) 8.1 (with cumulative patch 8.120200429SE81) •Elbrus-D MCST 1.4 •GS CS Elbrus 8.32 TVGI.00311-28 |
ppc64el |
•CentOS 8 •Ubuntu 20.04 |
|
In ALT 8 SP, Elbrus-D MCST 1.4 and GosLinux IC6 mandatory access control is not supported. |
For other GNU/Linux versions that meet the abovementioned requirements, full compatibility with Dr.Web for UNIX Mail Servers is not guaranteed. If a compatibility issue occurs, contact our technical support.
•FreeBSD
Platform |
Supported FreeBSD versions |
|---|---|
x86 |
11, 12, 13 |
x86_64 |
11, 12, 13 |
|
Dr.Web for UNIX Mail Servers can be installed on FreeBSD only from the universal package.
The correct operation of Dr.Web for UNIX Mail Servers on FreeBSD 13 requires that the compat12x Support Pack is installed. |
Additional Packages and Components
The python3.6+ package is required for integration with the CommuniGate Pro mail server.
|
For convenient work with Dr.Web for UNIX Mail Servers from the command line, it is recommended to enable command auto-completion in your command shell (if disabled).
If you encounter any issue with installation of additional packages and components, refer to the documentation of your operating system version. |
•SpIDer Gate can have conflicts with other firewalls installed in your operating system (such as Shorewall and SuseFirewall2 in SUSE Linux Enterprise Server and FirewallD in Fedora, CentOS, Red Hat Enterprise Linux). The conflict manifests itself in the SpIDer Gate error message with code x109 or the Dr.Web Firewall for Linux error message with code x102. Methods to resolve the conflict are described in the section Appendix F. Known Errors, see errors x109 and x102.
•If the OS includes NetFilter earlier than 1.4.15, SpIDer Gate can operate incorrectly. This issue is related to the internal error of NetFilter, and looks like as follows: after disabling SpIDer Gate, the network becomes unstable. If you encounter this issue, it is recommended that you upgrade your OS to a version that includes NetFilter 1.4.15 or later. The ways to resolve this issue are described in the Appendix F. Known Errors section.
Dr.Web for UNIX Mail Servers requires a mail server (MTA) to be installed.
•To integrate Dr.Web for UNIX Mail Servers into an MTA in a plug-in filter mode, the mail server must support interfaces for integration with external spam and anti-virus filters (Milter, Spamd, or Rspamd). For example, MTA from the following list can be used: Sendmail, Postfix, Exim, or CommuniGate Pro.
•MTA that do not support the Milter, Spamd, and Rspamd integration interfaces can integrate Dr.Web for UNIX Mail Servers via the anti-virus scanning interface of Clamd, via a direct connection to the Dr.Web ClamD anti-virus scanning component (it is possible that the MTA will need an additional integration module to be installed and configured). This integration mode does not use the Dr.Web MailD component, so it does not scan email messages for spam and does not allow to repack email messages if threats are detected. All actions of processing an infected email message are delegated to the mail server, which gets the result of scanning the email message for threats.
|
Due to the complexity of integration configuration, in order to work with the Qmail mail server, it is recommended to use the older version of Dr.Web for UNIX Mail Servers (6.0.2.x), or the transparent proxy mode. |
•The transparent proxy mode allows to integrate Dr.Web for UNIX Mail Servers for the anti-virus and anti-spam scanning of email messages between MTA and MDA or between MDA and MUA transparently for them (integration in the data exchange channel via SMTP, POP3 and IMAP protocols is performed). This mode requires MTA and Dr.Web for UNIX Mail Servers to be installed on the same host.
|
Transparent proxy mode requires that Dr.Web for UNIX Mail Servers includes SpIDer Gate, which runs only on GNU/Linux. |
•The SMTP proxy mode is a particular case of Dr.Web for UNIX Mail Servers integration in the MTA in the plug-in filter mode (for example, Postfix) where the MTA is set to route the received messages (works like a mail relay).
•The Dr.Web Anti-Spam component is not supported for ARM64, E2K and IBM POWER (ppc64el) architectures.
Compatibility with Security Subsystems
By default, Dr.Web for UNIX Mail Servers does not support the SELinux security subsystem. Moreover, Dr.Web for UNIX Mail Servers operates by default in a reduced functionality mode on the GNU/Linux systems that use mandatory access models (for example, on the systems distributed with the PARSEC mandatory access subsystem, which assigns different privilege levels, so-called mandatory levels, to users and files).
In case of installing Dr.Web for UNIX Mail Servers on systems with SELinux (as well as on systems that use mandatory access models), it is necessary to additionally configure the security subsystem, so that Dr.Web for UNIX Mail Servers would operate in a full functionality mode. For details, refer to the Configuring Security Subsystems section.