wiki/HowtoESETS.md
2019-02-11 15:35:11 +01:00

---
categories: system
title: Howto ESET Antivirus
...
# File antivirus (File Security)
* Documentation: <https://help.eset.com/efs/4/en-US/>
~~~
To COMPLETE INSTALLATION or UPDATE the Product:
* Import the license file: /opt/eset/esets/sbin/esets_lic --import file.lic
* Enter acquired username/password information into the global section
of main configuration file /etc/opt/eset/esets/esets.cfg
* Start main daemon service: /etc/init.d/esets start
To UNINSTALL the Product:
* Uninstall the package: dpkg --purge esets
To KEEP your KNOWLEDGE Up-To-Date:
* Read the User's Guide in /opt/eset/esets/share/doc.
* Read manual page esets.cfg(5) (use 'man esets.cfg').
To REPORT Bugs or Problems:
* Please, visit: www.eset.com/support
~~~
To run a scan:
~~~
/opt/eset/esets/sbin/esets_scan --no-symlink --no-quarantine --clean-mode=none /home
~~~
# Mail antivirus (Mail Security)
* Documentation: <https://help.eset.com/ems_linux/4/en-US/>
* Download: <https://www.eset.com/us/business/server-antivirus/mail-security-linux/download/> (requires a login and password).
Installation consists of running a self-extracting archive that contains a .deb. Once installed, the ESETS software lives in `/opt/esets`.
To enable antivirus signature updates, you must set `av_update_username/password` in `/etc/opt/eset/esets/esets.cfg`.
If you have a proxy or a firewall, you must allow `update.eset.com`.
To start the daemon:
~~~
# systemctl start esets
~~~
Manual update of the antivirus signatures:
~~~
# /opt/eset/esets/sbin/esets_update --username="$LOGIN" --password="$PASS"
~~~
To upgrade the mail antivirus to a newer version, fetch the latest version from the web interface: Home > Product version > Check for new version.
Then run it like this:
~~~
sh ./esets.amd64.deb.bin
~~~
This restarts esets.service; the current configuration and the associated license are kept.
## Use as a Postfix content_filter
Example configuration:
~~~
[smtp]
agent_enabled = yes
num_proc = 1
num_thrd = 2
listen_addr = "localhost"
listen_port = 2526
server_addr = "localhost"
# Usual port 10025 in the Evolix mail pack: second SMTP server, after amavis
# Or port 10024 to hand the mail to Amavis
server_port = 10025
timeout_client = 30
add_header_xvirus = yes
add_header_received = yes
action_av = "scan"
action_as = "scan"
av_eml_subject_modification_mask = "as_spam"
av_eml_header_modification_mask = ""
av_eml_footnote_modification_mask = ""
av_eml_header_template = "%avstatus%"
#av_eml_subject_template = "[Virus %avstatus%]"
as_eml_subject_template = "[%asstatus%]"
as_eml_header_modification = yes
av_mail_notified_users = "postmaster@example.com"
av_scan_obj_archives = yes
av_scan_obj_mime = yes
av_scan_obj_sfx = yes
av_scan_obj_rtp = yes
av_scan_app_adware = yes
av_scan_app_unsafe = yes
av_scan_app_unwanted = yes
av_scan_pattern = yes
av_scan_heur = yes
av_scan_adv_heur = yes
av_scan_smart = yes
action_av_infected = "accept"
action_av_notscanned = "accept"
action_av_deleted = "accept"
action_as_spam = "accept"
av_eml_footnote_log_all = yes
av_clean_mode = "standard"
av_scan_obj_max_size = 0
av_scan_archive_max_level = 10
av_scan_archive_timeout = 30
av_scan_archive_max_size = 0
av_quarantine_enabled = no
syslog_facility = "mail"
syslog_class = "error:warning:summall:summ:partall:part:info:debug"
~~~
## Web interface
Example configuration:
~~~
[wwwi]
agent_enabled = yes
listen_addr = "127.0.0.1"
listen_port = 9090
username = "admin"
password = "password"
~~~
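The two sample configurations above bind the SMTP filter and the web interface to loopback, and the web interface example carries a sample password. As an added example (not part of the original wiki page and not ESET tooling), the shell function below checks an `esets.cfg`-style file for those points; the function names and the sample file are constructed, and it assumes the `[section]` / `key = value` layout shown above.

```shell
#!/bin/sh
# Added example (not ESET or Evolix code): flag the exposure points in the
# sample configurations above. Assumes the "[section]" / "key = value" layout
# shown on this page; keys that are absent from the file are not evaluated.

audit_esets_cfg() {   # $1 = path to an esets.cfg-style file; one finding per line
    awk '
        function loopback(a) { return a == "localhost" || a == "::1" || a ~ /^127\./ }
        /^[ \t]*#/ { next }                                  # comment line
        /^[ \t]*\[/ {                                        # "[section]" header
            sec = $0; gsub(/[ \t]/, "", sec)
            sec = substr(sec, 2, length(sec) - 2); next
        }
        /=/ {                                                # key = "value"
            key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            gsub(/"/, "", val)
            cfg[sec "." key] = val
        }
        END {
            if (cfg["wwwi.agent_enabled"] == "yes") {
                if (cfg["wwwi.password"] == "password" || cfg["wwwi.password"] == "")
                    print "wwwi: password is empty or still the sample value"
                if (("wwwi.listen_addr" in cfg) && !loopback(cfg["wwwi.listen_addr"]))
                    print "wwwi: listens on non-loopback " cfg["wwwi.listen_addr"]
            }
            if (cfg["smtp.agent_enabled"] == "yes" && ("smtp.listen_addr" in cfg) &&
                !loopback(cfg["smtp.listen_addr"]))
                print "smtp: listens on non-loopback " cfg["smtp.listen_addr"]
        }
    ' "$1"
}

write_sample_cfg() {  # $1 = output path; constructed sample, not a real config
    cat > "$1" <<'EOF'
[smtp]
agent_enabled = yes
listen_addr = "0.0.0.0"
listen_port = 2526
[wwwi]
agent_enabled = yes
listen_addr = "127.0.0.1"
username = "admin"
password = "password"
EOF
}
```

After sourcing the file, run `audit_esets_cfg /etc/opt/eset/esets/esets.cfg`; no output means none of the checked conditions was found.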
## Viewing the logs
~~~
journalctl -f -u esets
~~~