eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 04:56, 21 August 2013
WikiSysop (Talk | contribs)

← Previous diff
Current revision
WikiSysop (Talk | contribs)

Line 314: Line 314:
---- ----
- 
===Scenarios=== ===Scenarios===
- 
====<B>Type I</B>==== ====<B>Type I</B>====
Line 327: Line 325:
[[Image:MS-scenario1.jpg| ]] [[Image:MS-scenario1.jpg| ]]
|} |}
 +
---- ----
- 
====<B>Type II</B>==== ====<B>Type II</B>====
MailScan for Linux Mailserver is installed on the same system where a Mailserver is running. MailScan will be running on Port 25 and the MailServer SMTP service should be made to run on a different unused port eg. Port 26. Incoming mails will be accepted on port 25 & scanned by MailScan and then forwarded to the MailServer SMTP port 26. MailScan for Linux Mailserver is installed on the same system where a Mailserver is running. MailScan will be running on Port 25 and the MailServer SMTP service should be made to run on a different unused port eg. Port 26. Incoming mails will be accepted on port 25 & scanned by MailScan and then forwarded to the MailServer SMTP port 26.
Line 336: Line 334:
[[Image:MS-scenario2.jpg| ]] [[Image:MS-scenario2.jpg| ]]
|} |}
 +
---- ----
- 
====<B>Type III</B>==== ====<B>Type III</B>====
MailScan for Linux Mailserver can also act as a Mail Delivery Agent (MDA) for locally configured mail users. MailScan for Linux Mailserver can also act as a Mail Delivery Agent (MDA) for locally configured mail users.
Line 345: Line 343:
[[Image:MS-scenario3.jpg| ]] [[Image:MS-scenario3.jpg| ]]
|} |}
 +
---- ----

Current revision

Image:escan-g.jpg
· eScan  · MailScan  · Technologies   · Technical Info  · Security Awareness  · User Guides
MailScan for Linux Mail Servers


Contents

Required Packages

RPM Package Name                       File name
    mwadmin                 mwadmin-x.x-x.<linux distro><release>.i386.rpm
    mwav                    mwav-x.x-x.<linux distro><release>.i386.rpm
    mailscan                mailscan-x.x-x.<linux distro><release>.i386.rpm


Debian Package Name                    File name
    mwadmin                 mwadmin-x.x-x.<linux distro><release>.i386.deb
    mwav                    mwav-x.x-x.<linux distro><release>.i386.deb
    mailscan                mailscan-x.x-x.<linux distro><release>.i386.deb




Installation

NOTE:The packages should be installed as per the order given below. Installation should be done using a Terminal to run the command line parameters


Command Line Installation:


For RPM Packages:

# rpm -ivh mwadmin-x.x-x.<linux distro><release>.i386.rpm
# rpm -ivh mwav-x.x-x.<linux distro><release>.i386.rpm
# rpm -ivh mailscan-x.x-x.<linux distro><release>.i386.rpm


For Debian packages:

# dpkg -i mwadmin-x.x-x.<linux distro><release>.i386.deb
# dpkg -i mwav-x.x-x.<linux distro><release>.i386.deb
# dpkg -i mailscan-x.x-x.<linux distro><release>.i386.deb


Note:- Mailscan for Linux by default uses SMTP port 25. In case, if the mailserver is on the same system then the mailserver smtp port should use a different port other than port 25.



FAQ's

General


1. What is MailScan for Linux Mail Servers?

A. MicroWorld's MailScan for Linux is a reliable and 'Real-Time" mail-scanning software for Linux Mail Servers. It offers a complete and secure security solution for mail servers running on Linux. Some of the Linux mail servers that it protects are: SendMail, Qmail, Exim, PostFix, etc.


2. What are the features in MailScan for Linux Mail Servers?

A. MailScan for Linux Mail Servers:

  • Anti-Virus Scanner,
  • Content (Spam) Scanning,
  • Attachment Reservation and Malicious Attachment detection,
  • Easy and convenient web-based administration
  • Automatic download of Virus signatures,
  • Provides extensive Logs for analysis.

3. For which GNU/Linux distributions is MailScan for Linux Mailserver available?

A. MailScan for Linux MailServer is available for

  • RHEL 5 (32 Bit)
  • RHEL 5 (64 Bit)
  • SLES 10.2 (32 Bit)
  • SLES 10.2 (64 Bit)


New or updated packages for various GNU/Linux distributions are always added in the official web-site www.escanav.com as well as in the eScan Wiki site. To check the latest available packages for your linux distro click here

If you do not find your package in our website, please write to linux@escanav.com with your following details as mentioned below:

  • MailScan product name,
  • linux distribution and release version,
  • the linux kernel version and
  • 32 bit or 64 bit OS.

4. What is the difference between the Evaluation version of MailScan software and fully licensed software?

A. The evaluation version and licensed version of MailScan are identical in feature and functionality wise. While in evaluation version of MailScan, it will function for a limited period i.e. for 30-days after which the license key for MailScan has to be purchased.


5. How can I check the dependencies required for MicroWorld's products?

A. To check the dependencies before installing the packages

command for RPM Package
# rpm -qpR <package>
command for Debian Package
# dpkg --info <package>



6. How can I check the version of the MailScan packages installed?

A. To check the version of the installed MailScan packages


command for RPM Package
# rpm -qi <package-name> Display package information, including name, version, and description.
OR
* rpm -qa <package-name> Report status of specified package.
Example: rpm -qa mwadmin rpm -qa mwav rpm -qa mailscan
OR
Example: rpm -qi mwadmin rpm -qi mwav rpm -qi mailscan


command for Debian Package
# dpkg -l <package-name> List packages matching given pattern
OR
# dpkg -s <package-name> Report status of specified package.
Example: dpkg -l mwadmin dpkg -l mwav dpkg -l mailscan
OR
Example: dpkg -s mwadmin dpkg -s mwav dpkg -s mailscan

7. How does MailScan for Linux Mail server works?

A. MailScan will scan all incoming and outgoing mails on a real time basis for viruses and other malwares, offensive contents and malicious attachments. MailScan uses content scanning for detection of SPAM mails. It will restrict emails with certain words or phrases that are not useful to an organization.

Thus MailScan will scan for Viruses and content scanning and deliver the mail to the Mail Server.



Features

Web Based Administration


1. How can I access the MailScan for Linux administration?

A. Mailscan for Linux administration console can be accessed using a web-browser, thus enabling remote administration of the Mailscan.
To login to the Web-Administration from the web-browser:

https://ip-address-of-MailScan-Server:10443


Spam Control - Greylisting


1. What is Greylisting?

A. Grey Listing is one of the features used by MailScan to control spam emails. Grey Listing method, when enabled, temporarily rejects a mail when it is received for the first time or from an unknown sender. A genuine mail-server will always retry to re-send the mail, while a spammer, generally, will not try to re-send those mails which fails to reach the recipient.

Greylisting checks for 3 basic informations to identify a mail, which is called as "TRIPLET":

  1. The ip address of the sender domain,
  2. The email address of the sender and
  3. The email address of the recipient

If the triplet is seen for the first time (i.e. the mail is sent to the recipient domain for the first time), then the mail is temporarily rejected. A temporary message is sent to the sender SMTP server like the one given below:

 451 4.7.1 Please try again later

If the triplet has been seen and accepted by the recipient domain before, then the mail is accepted and delivered.


4. How can I enable Greylisting in Mailscan?

A. To enable Greylisting in Mailscan

1. Login the the Web-Administration of the MailScan
https://ip-address-of-MailScan-Server:10443
2. Click on Mail Options ==> Features
3. Check the Enable Grey Listing option
4. Restart the MailScan Services from Server Control ==> Server Status and restart the Anti-Spam and SMTP Services.

3. Can mails from a known domain/s be whitelisted from GreyListing in MailScan?

A. Yes. To whitelist a particular domain from Greylisting add the IP address with its subnet mask (Network prefix) of the Sender domain.

1. Login the the Web-Administration of the MailScan
https://ip-address-of-MailScan-Server:10443
2. Click on Content Filter ==> Grey Listing
3. Add the ip address and the network prefix of the domain to be whitelisted in the space given.

Spam Control - RBL & DUL


1. What is RBL & DUL check?

A. The MAPS (Mail Abuse Prevention System), an organization, maintains a list of IP addresses that are known for sending spam emails. The lists are

* Real-Time Blackhole List 
* Dialup Users List (DUL) 

When a mail is received from a domain, which is not in the Allow Domain list, MailScan sends a query to the MAPS server which verifies the IP. If the IP is listed in the RBL / DUL list, the connection is dropped.


2. Does MailScan supports multi RBL checks?

A. Yes. MailScan supports multi RBL checks. By default, MailScan checks from the below RBL servers:

* zen.spamhaus.org
* bl.spamcop.net
* list.dsbl.org

To add or modify the list of RBL / DUL Server list

1. Login the the Web-Administration of the MailScan
https://ip-address-of-MailScan-Server:10443
2. Click on Mail Options ==> RBL & DUL Settings
3. Add / modify in the space provided for "Open Relay Blackhole List / Dialup Users List Servers".
4. Restart the MailScan Services from Server Control ==> Server Status and restart the Anti-Spam and SMTP Services.

3. How to Enable RBL / DUL check?

A. To Enable RBL / DUL check,

1. Login the the Web-Administration of the MailScan
https://ip-address-of-MailScan-Server:10443
2. Click on Mail Options ==> RBL & DUL Settings
3. Check the option Enable RBL/DUL check.
4. Restart the MailScan Services from Server Control ==> Server Status and restart the Anti-Spam and SMTP Services.

4. Can domain IP's which are listed in the RBL / DUL server be whitelisted in MailScan?

A. Yes. To whitelist domain IP's which are listed in the RBL / DUL server

1. Login the the Web-Administration of the MailScan
https://ip-address-of-MailScan-Server:10443
2. Click on Mail Options ==> RBL & DUL Settings
3. Add the Domain's IP address, to be whitelisted, in the space provided for "White List RBL Listed IPs".
4. Restart the MailScan Services from Server Control ==> Server Status and restart the Anti-Spam and SMTP Services.
Mailscan will accept all the mails from the whitelisted ip address.

5. What is "Black List RBL Listed IPs" in MailScan?

A. When an IP address, found in the RBL / DUL server's list, can be added in the "Black List RBL Listed IPs" of the MailScan. Any, connection from the IP address listed in "Black List RBL Listed IPs" will be instantly dropped, without querying the RBL / DUL servers.



Scenarios

Type I

MailScan for Linux Mailserver can act as a Mail Gateway (Mail Transport Agent – MTA), wherein the MailServer is on a different system. All mails shall be scanned and passed through MailScan and then forwarded to the MailServer located on a different system.




Type II

MailScan for Linux Mailserver is installed on the same system where a Mailserver is running. MailScan will be running on Port 25 and the MailServer SMTP service should be made to run on a different unused port eg. Port 26. Incoming mails will be accepted on port 25 & scanned by MailScan and then forwarded to the MailServer SMTP port 26.



Type III

MailScan for Linux Mailserver can also act as a Mail Delivery Agent (MDA) for locally configured mail users.




eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers   This page has been accessed 97,888 times.