Read-only mirror of the Gitit wiki wiki.evolix.org (warning: do not commit/merge anything to this repository) https://wiki.evolix.org

title: Howto ESET Antivirus
categories: system

File antivirus (File Security)

To COMPLETE INSTALLATION or UPDATE the Product:
   * Import the license file: /opt/eset/esets/sbin/esets_lic --import file.lic
   * Enter acquired username/password information into the global section
     of main configuration file /etc/opt/eset/esets/esets.cfg
   * Start main daemon service: /etc/init.d/esets start

To UNINSTALL the Product:
   * Uninstall the package: dpkg --purge esets

To KEEP your KNOWLEDGE Up-To-Date:
   * Read the User's Guide in /opt/eset/esets/share/doc.
   * Read manual page esets.cfg(5) (use 'man esets.cfg').

To REPORT Bugs or Problems:
   * Please, visit: www.eset.com/support

To run a scan:

/opt/eset/esets/sbin/esets_scan --no-symlink --no-quarantine --clean-mode=none /home

Mail antivirus (Mail Security)

Installation consists of running a self-extracting archive that contains a .deb. Once installed, the ESETS software resides in /opt/esets.

To enable antivirus signature updates, set av_update_username/password in /etc/opt/eset/esets/esets.cfg.

If you have a proxy or a firewall, you must allow update.eset.com.

To start the daemon:

# systemctl start esets

Manual update of the antivirus signatures:

# /opt/eset/esets/sbin/esets_update --username="$LOGIN" --password="$PASS"

To upgrade the Mail Security version, fetch the latest version from the web interface: Home > Product version > Check for new version.

Then run it as follows:

sh ./esets.amd64.deb.bin

This restarts esets.service; the current configuration and the associated licence are kept.

Use as a Postfix content_filter

Example configuration:

[smtp]
agent_enabled = yes
num_proc = 1
num_thrd = 2
listen_addr = "localhost"
listen_port = 2526
server_addr = "localhost"
# Usual port 10025 in the Evolix mail pack, second SMTP server after amavis
# Or port 10024 to hand over to Amavis
server_port = 10025
timeout_client = 30
add_header_xvirus = yes
add_header_received = yes
action_av = "scan"
action_as = "scan"
av_eml_subject_modification_mask = "as_spam"
av_eml_header_modification_mask = ""
av_eml_footnote_modification_mask = ""
av_eml_header_template = "%avstatus%"
#av_eml_subject_template = "[Virus %avstatus%]"
as_eml_subject_template = "[%asstatus%]"
as_eml_header_modification = yes
av_mail_notified_users = "postmaster@example.com"
av_scan_obj_archives = yes
av_scan_obj_mime = yes
av_scan_obj_sfx = yes
av_scan_obj_rtp = yes
av_scan_app_adware = yes
av_scan_app_unsafe = yes
av_scan_app_unwanted = yes
av_scan_pattern = yes
av_scan_heur = yes
av_scan_adv_heur = yes
av_scan_smart = yes
action_av_infected = "accept"
action_av_notscanned = "accept"
action_av_deleted = "accept"
action_as_spam = "accept"
av_eml_footnote_log_all = yes
av_clean_mode = "standard"
av_scan_obj_max_size = 0
av_scan_archive_max_level = 10
av_scan_archive_timeout = 30
av_scan_archive_max_size = 0
av_quarantine_enabled = no
syslog_facility = "mail"
syslog_class = "error:warning:summall:summ:partall:part:info:debug"

Web interface

Example configuration:

[wwwi]
agent_enabled = yes
listen_addr = "127.0.0.1"
listen_port = 9090
username = "admin"
password = "password"
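
A consistency check for the [smtp] and [wwwi] examples above, as an added example that is not part of the original wiki page or of ESET's tooling. It assumes Postfix is pointed at the filter with a main.cf value of the form content_filter = smtp:[127.0.0.1]:2526 (the page does not show the Postfix side); the placeholder-password list and the sample text are constructed for illustration.

```python
import configparser

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
PLACEHOLDER_PASSWORDS = {"", "password", "admin", "changeme"}  # assumption: editor's list

# Constructed sample: excerpt of the [smtp] and [wwwi] examples from this page.
SAMPLE_CFG = '''
[smtp]
agent_enabled = yes
listen_addr = "localhost"
listen_port = 2526
server_addr = "localhost"
# second SMTP server after amavis
server_port = 10025
av_eml_header_template = "%avstatus%"

[wwwi]
agent_enabled = yes
listen_addr = "127.0.0.1"
listen_port = 9090
username = "admin"
password = "password"
'''

def load(text):
    """Parse esets.cfg-style text into {section: {key: value}}, unquoting values."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)  # '%' is literal
    cp.read_string(text)
    return {s: {k: v.strip().strip('"') for k, v in cp[s].items()} for s in cp.sections()}

def audit(esets_text, content_filter):
    """content_filter is the Postfix main.cf value, e.g. 'smtp:[127.0.0.1]:2526'."""
    cfg, out = load(esets_text), []
    smtp, wwwi = cfg.get("smtp", {}), cfg.get("wwwi", {})
    for name, sec in (("smtp", smtp), ("wwwi", wwwi)):
        if sec.get("agent_enabled") == "yes" and sec.get("listen_addr") not in LOOPBACK:
            out.append(f"{name}: listen_addr {sec.get('listen_addr')!r} is not loopback")
    if wwwi.get("agent_enabled") == "yes" and wwwi.get("password", "") in PLACEHOLDER_PASSWORDS:
        out.append("wwwi: placeholder or empty password")
    if smtp and smtp.get("server_port") == smtp.get("listen_port") and \
            smtp.get("server_addr") in LOOPBACK | {smtp.get("listen_addr")}:
        out.append("smtp: forwards to its own listener (mail loop)")
    transport, _, nexthop = content_filter.partition(":")
    host, _, port = nexthop.rpartition(":")
    if transport != "smtp" or host.strip("[]") not in LOOPBACK or port != smtp.get("listen_port"):
        out.append(f"postfix: content_filter {content_filter!r} does not target the ESET listener")
    return out

if __name__ == "__main__":
    for finding in audit(SAMPLE_CFG, "smtp:[127.0.0.1]:2526"):
        print(finding)
```

Run against the page's own values, the only finding is the placeholder web interface password.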

Viewing the logs

journalctl -f -u esets