In this section
•List of Supported Operating System Versions
•Additional Packages and Components
•Compatibility with Security Subsystems
You can use Dr.Web for UNIX Mail Servers on a computer that meets the following requirements:
Component |
Requirement |
|---|---|
Platform |
Processors of the following architectures and command systems are supported: •Intel/AMD: 32-bit (IA-32, x86); 64-bit (x86-64, x64, amd64) •ARM64 •E2K (Elbrus) •IBM POWER (ppc64el) |
RAM |
At least 500 MB of free RAM (1 GB or more is recommended) |
Free disk space |
At least 2 GB of free disk space on a volume where the product directories are located |
Operating system |
GNU/Linux (based on kernel version 2.6.37 or later, using glibc library 2.13 or later, systemd initialization system ver. 209 or later), FreeBSD. The supported operating system versions are listed below. The operating system must support the PAM authentication mechanism |
Other |
The following valid network connections: •valid Internet connection to enable updates for virus databases and Dr.Web components; •when operating in the centralized protection mode, connection to the server on the local network is enough; connection to the Internet is not required |
|
For the correct operation of the component Dr.Web Firewall for Linux, OS kernel must be built with inclusion of the following options: •CONFIG_NETLINK_DIAG, CONFIG_INET_TCP_DIAG; •CONFIG_NF_CONNTRACK_IPV4, CONFIG_NF_CONNTRACK_IPV6, •CONFIG_NETFILTER_NETLINK_QUEUE, The set of required options from the specified list can depend on the used OS version kit. |
To ensure the correct operation Dr.Web for UNIX Mail Servers, open the following ports:
Purpose |
Direction |
Port numbers |
|---|---|---|
To receive updates |
outgoing |
80 |
To connect to the Dr.Web Cloud service |
outgoing |
2075 (including those for UDP), |
List of Supported Operating System Versions
•GNU/Linux
Platform |
Supported GNU/Linux versions |
|---|---|
x86_64 |
•ALT 8 SP •ALT Server 9, 10 •ALT Workstation 9, 10 •Astra Linux Common Edition (Orel) 2.12 •Astra Linux Special Edition 1.5 (with cumulative patch 20201201SE15), 1.6 (with cumulative patch 20200722SE16), 1.7 •CentOS 7, 8 •Debian 9, 10, 11, 12 •Fedora 37, 38 •GosLinux IC6 •Red Hat Enterprise Linux 7, 8 •RED OS 7.2 MUROM, RED OS 7.3 MUROM •SUSE Linux Enterprise Server 12 SP3 •Ubuntu 18.04, 20.04, 22.04 |
x86 |
•ALT 8 SP •ALT Workstation 9, 10 •CentOS 7 •Debian 10 |
ARM64 |
•ALT 8 SP •ALT Server 9, 10 •ALT Workstation 9, 10 •Astra Linux Special Edition (Novorossiysk) 4.7 •CentOS 7, 8 •Debian 11, 12 •Ubuntu 18.04 |
E2K |
•ALT 8 SP •Astra Linux Special Edition (Leningrad) 8.1 (with cumulative patch 8.120200429SE81) •Elbrus-D MCST 1.4 •GS CS Elbrus 8.32 TVGI.00311-28 |
ppc64el |
•CentOS 8 •Ubuntu 20.04 |
|
In ALT 8 SP, Astra Linux Special Edition (Novorossiysk) 4.11, Elbrus-D MCST 1.4 and GosLinux IC6 mandatory access control is not supported. |
For other GNU/Linux versions that meet the abovementioned requirements full compatibility with Dr.Web for UNIX Mail Servers is not guaranteed. If a compatibility issue occurs, contact technical support.
• FreeBSD
Platform |
Supported FreeBSD versions |
|---|---|
x86 |
11, 12, 13 |
x86_64 |
11, 12, 13 |
|
For FreeBSD OS, Dr.Web for UNIX Mail Servers can be installed only from the universal package. |
Additional Packages and Components
Python3.6+ package is required for integration with the CommuniGate Pro mail server.
|
For convenient work with Dr.Web for UNIX Mail Servers in the command line, you can enable command auto-completion in your command shell (if disabled).
If you encounter any problem with installation of additional packages and components, refer to the documentation of your operating system version. |
•SpIDer Gate can have conflicts with other firewalls installed in your operating system (such as Shorewall and SuseFirewall2 in the SUSE Linux Enterprise Server OS and FirewallD in the Fedora OS, CentOS, Red Hat Enterprise Linux). The sign of conflict is message about the error of SpIDer Gate with a code x109 or message about the error of Dr.Web Firewall for Linux with a code x102. Methods to resolve a conflict are described in the section “Known Errors” for errors x109 and x102 respectively.
•If the used OS includes the version of NetFilter less than 1.4.15, SpIDer Gate can operate incorrectly. This problem is related to the internal error of NetFilter, and looks like as follows: after disabling SpIDer Gate, the network connections are broken and cannot be re-established. If you face this problem, it is recommended that you upgrade your OS to a version that includes NetFilter 1.4.15 or above. The ways to resolve the problem are described in the section “Known errors”.
Dr.Web for UNIX Mail Servers requires a mail server (MTA) to be installed.
•For the integration of Dr.Web for UNIX Mail Servers with MTA in the mode of the plug-in filter, the mail server must support interfaces of integration with external spam and anti-virus filters (Milter, Spamd, Rspamd). For example, MTA from the following list can be used: Sendmail, Postfix, Exim, CommuniGate Pro.
•MTA that do not support the integration interfaces Milter, Spamd, and Rspamd can be integrated with Dr.Web for UNIX Mail Servers via the interface of anti-virus scanning Clamd, via a direct connection to the Dr.Web ClamD anti-virus scanning component (it is possible that MTA will need an additional integration module to be installed and configured). This integration mode does not use the Dr.Web MailD component, so it does not scan email messages for spam and does not allow to repack email messages if any threats are detected. All actions aimed at processing of an infected email message are transferred over to a mail server, which gets the result of scanning of the email message for threats.
|
Due to the complexity of Integration configuration, in order to work with the mail server Qmail, it is recommended that you use the previous version of Dr.Web for UNIX Mail Servers (6.0.2.x), or use the transparent proxy mode. |
•The transparent proxy mode allows to integrate Dr.Web for UNIX Mail Servers for the anti-virus and anti-spam scanning of email messages between MTA and MDA or between MDA and MUA transparently for them (integration into the data exchange channel via the protocols SMTP, POP3, IMAP is performed). This mode requires MTA and Dr.Web for UNIX Mail Servers to be installed on the same host.
|
Transparent proxy mode requires SpIDer Gate included in Dr.Web for UNIX Mail Servers. SpIDer Gate runs only on GNU/Linux. |
•The SMTP proxy mode is a particular case of Dr.Web for UNIX Mail Servers integration with MTA in the mode of the plug-in filter (for example, Postfix) where MTA is set to routing of the received messages (works like a mail relay).
•The Dr.Web Anti-Spam component is not supported for ARM64 and E2K architectures.
Compatibility with Security Subsystems
By default, Dr.Web for UNIX Mail Servers does not support SELinux. In addition, Dr.Web for UNIX Mail Servers operates in reduced functionality mode in the GNU/Linux systems that use mandatory access models (for example, in systems supplied with the PARSEC mandatory access subsystem that appends different privilege levels to users and files).
If installation of Dr.Web for UNIX Mail Servers is required for systems with SELinux (as well as for systems that use mandatory access models). It is necessary to execute additional settings of a security subsystem so that Dr.Web for UNIX Mail Servers operates in full functionality mode. For details, refer to the section Configuring Security Subsystems.