BitDefender-smtp
Content
BITDEFENDER FOR MAIL SERVERS – Linux SMTP Relay SOFTWIN
User’s guide
BitDefender for Mail Servers – Linux SMTP Relay
Contents
License and Warranty........................................................................................... 3 Installation ............................................................................................................. 6
Package naming........................................................................................................... 6 System requirements ................................................................................................... 6 Install ............................................................................................................................ 6 Uninstall........................................................................................................................ 7 Upgrade from previous BitDefender versions .............................................................. 7
What is BitDefender for Mail Servers?................................................................ 9 Configuration under Linux ................................................................................. 11
NetProtect .................................................................................................................. 11 Plugins................................................................................................................ 11 Events................................................................................................................. 13 Agents ................................................................................................................ 14 Live............................................................................................................................. 16 Automatic update................................................................................................ 16 Manual update.................................................................................................... 17 Product registration .................................................................................................... 18
Configuration under Windows........................................................................... 19
The Management Console installation ....................................................................... 19 Uninstalling, repairing or modifying BitDefender Management Console .................... 23 Accessing the Management Console......................................................................... 24 Selecting the action on infected messages ................................................................ 26 Select the action on infected messages ............................................................. 26 Select the location for the quarantine area......................................................... 27 Sending alarm messages in case of infection ............................................................ 28 Updating the product .................................................................................................. 31 Viewing the reports and the statistics......................................................................... 33 Product registration .................................................................................................... 34 Server configuration ................................................................................................... 35 Configuring the proxy server .............................................................................. 35 Configuring the security...................................................................................... 36
Frequently Asked Questions ............................................................................. 38 Contact information............................................................................................ 40
2
BitDefender for Mail Servers – Linux SMTP Relay
License and Warranty
IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS DO NOT INSTALL THE SOFTWARE. BY CLICKING "I ACCEPT", "OK", "CONTINUE", "YES" OR BY INSTALLING OR USING THE SOFTWARE IN ANY WAY, YOU ARE INDICATING YOUR COMPLETE UNDERSTANDING AND ACCEPTANCE OF THE TERMS OF THIS AGREEMENT. This License Agreement is a legal agreement between you (either an individual or a single entity end user) and SOFTWIN for use of the SOFTWIN software product identified above, which includes computer software and may include associated media, printed materials, and "online" or electronic documentation ("BitDefender"), all of which are protected by U. S. and international copyright laws and international treaty protection. By installing, copying, or otherwise using the BitDefender, you agree to be bound by the terms of this agreement. If you do not agree to the terms of this agreement, do not install or use the BitDefender; you may, however, return it to your place of purchase for a full refund within 30 days after your purchase. Verification of your purchase may be required. BitDefender License BitDefender is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The BitDefender is licensed, not sold. GRANT OF LICENSE. SOFTWIN hereby grants you and only you the following nonexclusive license to use BitDefender: APPLICATION SOFTWARE. You may install and use one copy of the BitDefender, or any prior version for the same operating system, on a single computer terminal. The primary user of the computer on which the BitDefender is installed may make one additional (i.e. second) copy for his or her exclusive use on a portable computer. NETWORK USE. You may also store or install a copy of the BitDefender on a storage device, such as a network server, used only to install or run the BitDefender on your other computers over an internal network; however, you must purchase and dedicate a separate license for each separate computer terminal on which the BitDefender is installed or run from the storage device. A license for the BitDefender may not be shared or used concurrently on different computers or computer terminals. You should purchase a license pack if you require multiple licenses for use on multiple computers or computer terminals. LICENSE PACKS. If you purchase a License Pack and you have acquired this License Agreement for multiple licenses of BitDefender, you may make the number of additional copies of the computer software portion of the BitDefender specified above as "Licensed copies." You are also entitled to make a corresponding number of secondary copies for portable computer use as specified above in the section entitled "Application Software".
3
BitDefender for Mail Servers – Linux SMTP Relay
TERM OF LICENSE. The license granted hereunder shall commence on the date that you install, copy or otherwise first use BitDefender and shall continue only on the computer on which it is initially installed. UPGRADES. If the BitDefender is labeled as an upgrade, you must be properly licensed to use a product identified by SOFTWIN as being eligible for the upgrade in order to use the BitDefender. A BitDefender labeled as an upgrade replaces and/or supplements the product that formed the basis for your eligibility for the upgrade. You may use the resulting upgraded product only in accordance with the terms of this License Agreement. If the BitDefender is an upgrade of a component of a package of software programs that you licensed as a single product, the BitDefender may be used and transferred only as part of that single product package and may not be separated for use on more than one computer. COPYRIGHT. All right, title and interest in and to BitDefender and all copyright rights in and to the BitDefender (including but not limited to any images, photographs, logos, animations, video, audio, music, text, and "applets" incorporated into the BitDefender), the accompanying printed materials, and any copies of the BitDefender are owned by SOFTWIN. The BitDefender is protected by copyright laws and international treaty provisions. Therefore, you must treat the BitDefender like any other copyrighted material except that you may install the BitDefender on a single computer provided you keep the original solely for backup or archival purposes. You may not copy the printed materials accompanying the BitDefender. You must produce and include all copyright notices in their original form for all copies created irrespective of the media or form in which BitDefender exists. You may not sub-license, rent, sell, or lease BitDefender. You may not reverse engineer, recompile, disassemble, create derivative works, modify, translate, or make any attempt to discover the source code for BitDefender. LIMITED WARRANTY. SOFTWIN warrants that the media on which BitDefender is distributed is free from defects for a period of thirty days from the date of delivery of BitDefender to you. Your sole remedy for a breach of this warranty will be that SOFTWIN, at its option, may replace the defective media upon receipt of the damaged media, or refund the money you paid for BitDefender. SOFTWIN does not warrant that BitDefender will be uninterrupted or error free or that the errors will be corrected. SOFTWIN does not warrant that BitDefender will meet your requirements. SOFTWIN HEREBY DISCLAIMS ALL OTHER WARRANTIES FOR BITDEFENDER, WHETHER EXPRESSED OR IMPLIED. THE ABOVE WARRANTY IS EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, WHETHER EXPRESSED OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE OTHER RIGHTS, WHICH VARY FROM STATE TO STATE.
4
BitDefender for Mail Servers – Linux SMTP Relay
DISCLAIMER OF DAMAGES. Anyone using, testing, or evaluating BitDefender bears all risk to the quality and performance of BitDefender. In no event shall SOFTWIN be liable for any damages of any kind, including, without limitation, direct or indirect damages arising out of the use, performance, or delivery of BitDefender, even if SOFTWIN has been advised of the existence or possibility of such damages. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. IN NO CASE SHALL SOFTWIN'S LIABILITY EXCEED THE PURCHASE PRICE PAID BY YOU FOR BITDEFENDER. The disclaimers and limitations set forth above will apply regardless of whether you accept or use, evaluate, or test BitDefender. IMPORTANT NOTICE TO USERS. THIS SOFTWARE IS NOT FAULT-TOLERANT AND IS NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. THIS SOFTWARE IS NOT FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, OR COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFESUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY OR PROPERTY DAMAGE. GOVERNMENT RESTRICTED RIGHTS/RESTRICTED RIGHTS LEGEND. Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 or subparagraphs (c)(1) and (2) of Commercial Computer SoftwareRestricted Rights clause at 48 CFR 52.227-19, as applicable. Contact SOFTWIN, at Fabrica de Glucoza St., No 5, 72322-Sect.2, Bucharest, Romania, or at Tel No: 40-212330780, Fax:40-21-2330763 GENERAL. This Agreement will be governed by the laws of Romania and by the international copyright regulations and treaties. This Agreement may only be modified by a license addendum, which accompanies this Agreement or by a written document which has been signed, by both you and SOFTWIN. This Agreement has been written in the English language only and is not to be translated or interpreted in any other language. Prices, costs and fees for use of BitDefender are subject to change without prior notice to you. In the event of invalidity of any provision of this Agreement, the invalidity shall not affect the validity of the remaining portions of this Agreement. BitDefender and BitDefender logos are trademarks of SOFTWIN. All other trademarks are the property of their respective owners.
5
BitDefender for Mail Servers – Linux SMTP Relay
Installation
Package naming
BitDefender for Mail Servers – Linux SMTP Relay package is named considering the following parameters: BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run Variable {version} {os} Description is the package version. For example, 1.5.1-7 is version 1, subversion 5.1, package build 7. is Linux for the momment :), *BSD and other Unices will be available soon. Linux has 2 versions - one compiled with gcc 2.9x and the other with gcc 3.x. Choose the appropriate version for your system. is the processor type. i586 is the current development version. It will work on Intel Pentium II, Pentium III, Penium IV, AMD alternatives and other compatible processors. reffers to the package management tool we use in order to install the files on your computer. This is one of rpm, deb or tar. rpm uses the Red Hat Package Manager, deb uses dpkg and tar is the most portable method. Please note that, however, the tar packages do not contain source code. Please install the appropriate package for your system.
{architecture}
{package type}
System requirements
Before installing BitDefender for Mail Servers, you must first verify if the company’s mail server meets the following system requirements: Processor: minimum Pentium II 300 MHz (800 Recommended processor) RAM: minimum 64 Mb of memory (128 Recommended) Disk space: minimum 20 Mb Operating system: Linux distribution with kernel v. 2.2 or 2.4 (Recommended) and glibc minimum v. 2.2.3
Install
Before you begin the installation process we recommend you to check that the installation kit is not corrupted (this can happened sometimes, especially if you dowloaded it). Please run: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run --check The answer should be: Verifying archive integrity.. MD5 checksums are OK. All good. If you get a different answer, please re-download the installation kit. 6
BitDefender for Mail Servers – Linux SMTP Relay
All packages, regardless of the {package type}, are installed using: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run For example, if you want to install the version for Mail Servers, using the rpm-based package, run this: sh ./BitDefender-smtp-1.5.1-5.linux.i586.rpm.run in the directory where the package is located.
Nota: If you would like to see all the install options run: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run --help
This will unpack the BitDefender packages, and will launch the install script, that will in turn install the BitDefender components. These are: BitDefender-engines, BitDefender-core and BitDefender-smtp. Please follow the instructions exactly during the installation process.
Uninstall
To uninstall the package you should run: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run --uninstall There is an alternative method too: For rpm: • rpm -e BitDefender-smtp • rpm -e BitDefender-core • rpm -e BitDefender-engines For tar: • Stop BitDefender services ”/opt/BitDefender/bin/bd stop” • Delete (/opt/BitDefender) • Delete the integration from MTA ( you must start the MTA normally on port 25) • Reload Smtp.
Upgrade from previous BitDefender versions
This install system is not compatible with the previous BitDefender, so automatic upgrading is not supported. You need to uninstall the previous version. Follow these steps: 1. Stop BitDefender services Run: /etc/init.d/np stop /etc/init.d/bdnp stop (for BitDefender v1.2) (for BitDefender v1.5)
7
BitDefender for Mail Servers – Linux SMTP Relay
2. Uninstall the old VERSION OF BitDefender - run: rpm -e np rpm -e bdnp (for BitDefender v1.2) (for BitDefender v1.5)
- delete “/tmp/BDNP”, if it exists. Run: ”rm -fr /tmp/BDNP” If you installed from the .tar version, delete the installation folder (by default this is “/usr/local/bitdef”). Then remove the BitDefender integration from your mta. You must start the MTA normally on port 25 3. Install the new version Follow the instructions from the Install section.
8
BitDefender for Mail Servers – Linux SMTP Relay
What is BitDefender for Mail Servers?
The acquisition and installation of an antivirus product for the company’s mail server is the most efficient way of preventing the infection of a computer and the spreading of viruses inside the company, and outside the company as well through the most common way of communication - the e-mail. BitDefender For Mail Servers – Linux SMTP Relay is the solution SOFTWIN offers for the antivirus protection of the Linux mail servers. The product is designed and implemented in a modular manner, thus it can easily adapt to any work environment. All the messages received by the server are scanned using the BitDefender scan engines. This technology detects all the viruses presents in the attachments; BitDefender features built-in support for more than 80 packed files formats, including RAR, ZIP, ARJ, LZH, LHA, ACE, GZIP, TARGZ, JAR, UUE, MIME or CAB archives, no matter how they were created (self-extractable, multivolume, etc). If the message is clean, it will be sent forward to the mail recipient. In case an infection is found, it will be treated corresponding to the selected option (disinfection, deletion or isolation in the quarantine area) and alarm messages will be sent to the persons responsible for network security and management. For ensuring a superior and efficient antivirus protection, BitDefender For Mail Servers was designed with a function for an automatic update of the virus definitions. This function periodically connects to the BitDefender upgrade server, without the administrator’s intervention. Features: Antivirus protection for Mail Servers; Scanning of all the e-mail messages and attached files; Automatic and incremental update of virus definitions and scanning engines directly from BitDefender servers; Generates alarm messages through e-mail; Possibility of isolating the infected attachments and/or e-mail’s body in the quarantine zone; Antivirus protection for the newly created mail boxes; The multirecipient messages are filtered only once, before delivery, and not many times for each mail recipient; Remote administration, by simply installing the management console on the remote computer; Detailed statistics and reports regarding the number of scanned files, the infected files, the deleted and disinfected files; The antivirus protection can be configured under both Linux and Windows.
9
BitDefender for Mail Servers – Linux SMTP Relay
You can see below a general scheme of the way BitDefender integrates with a MTA:
The message’s HTML body and attachments will be verified in order to detect the infected files and the back doors/ trojans/ worm files and prevent their spreading into the system. Only the clean messages will be delivered to the mail clients from the stations or will be sent further to the mail recipients outside the company. The infected messages are treated depending on the administrator’s option, by disinfection, deletion or isolation in a certain location on the server, considered to be the quarantine zone.
10
BitDefender for Mail Servers – Linux SMTP Relay
Configuration under Linux
The specification of the protection settings is made through the file bdsettings.xml, found to the location ”/opt/BitDefender/etc/bdsettings.xml”. Edit this file in order to specify the protection options. The file might be structured in the following sections: <NetProtect> <live> each one will be treated in a special paragraph:
NetProtect
Here the user can specify the action on the infected objects, the location of the quarantine zone, the events when a special situation appears. Inside this section there are some subsections, which contain a few tags where the user can modify the settings:
Plugins
In the Plugins section you can modify the action on the infected files, the location of the quarantine zone and you can enable / disable the Real Time Virus Reporting module. In the <AV> subsection three variables are present: first action, second action and quarantine. <Plugins> <AV> <FirstAction value=”DISINFECT”/> <SecondAction value=”QUARANTINE”/> <QuarDir value=”/opt/BitDefender/var/quarantine” /> </AV> </Plugins> 1. FirstAction – specifies the first action on the infected files 2. SecondAction – specifies the second action, in case the first action fails. The second action is enabled only when the first action is “DISINFECT”.
11
BitDefender for Mail Servers – Linux SMTP Relay
The values that FirstAction and SecondAction can take are: FirstAction IGNORE SecondAction Description The result is that the infections found are ignored and the messages will be delivered to the mail recipients, along with the infected part, without any reaction. IGNORE In case the disinfection of the message fails, this is delivered to the mail recipient without any change and still containing the infection. DELETE If the disinfection fails, the infected part* will be deleted. Thus, if the attachment is infected, it will be deleted, and the message will be delivered to the mail client from the station without that attachment. In case the body of the message is infected, its content will be deleted and an empty message will be delivered to the mail recipient. QUARANTINE In case of disinfection failure, it isolates the infected part* of the message in the quarantine area. Thus, if the attachment is infected than it will be moved in the quarantine area and the message will be delivered without it. If the body of the message is infected, it will be moved in the quarantine area and an empty message will be delivered. The infected part* of the message will be deleted, and it will be delivered to the mail recipient without the infected part. The infected part* will be isolated in the quarantine zone.
DISINFECT
DELETE QUARANTINE
* the body or the attachment(s) of the messages.
Note: The action on infected files must be written with caps.
3. QuarDir – this variable specifies the location of the quarantine folder, where the infected files will be isolated. In the <RTVR> subsection you can enable / disable the RTVR module. <Plugins> <RTVR value="" > <Path value="/opt/BitDefender/lib/logger/rtvr.npl"/> <Active value="Y" /> <Enable value="Y" /> </RTVR> </Plugins> The RTVR module was designed to report new viruses identified on different regions. It wasn’t conceived with commercial purposes, but for creating reports and statistics concerning the virus activity. The messages sent to BitDefender laboratory will contain only the name of the virus. The values of UID and CUID are randomly generated. 12
<UID value="99619d0a-488a-47f7-ace5-5b20976d180c" /> <CUID value="0e1958da-a06c-4db6-a85d-86f2c8f9578a"/>
BitDefender for Mail Servers – Linux SMTP Relay
Events
<Events> <Logger > <Plugins > <MNsmtp > <Path value="/opt/BitDefender/lib/logger/mn-smtp.npl" /> <Active value="Y" /> <SMTPServer value="127.0.0.1" /> <From value="[email protected]" /> <Ev6 value="[email protected]" /> <SenderReceiver value="Y" /> <IsMail value="Y" /> </MNsmtp> </Plugins> </Logger> </Events> This subsection allows you to specify the events in case a situation out of ordinary appears. There are three type of events that may appear, each one having associated a variable: Event Warning Error Variable Description Ev3 Generates a warning message in case a special situation, such as disabling the BitDefender protection, appears. Ev4 Generates a message announcing the apparition of a disfunctionality within BitDefender. Such situations may appear, for example, due to the accidental deletion of some files or failure to load the scan engines. Ev6 A message is generated in case an infected or suspicious message is detected.
Virus
In the example above, an e-mail will be sent to [email protected] in case a virus is found. If we had wanted to send an e-mail to [email protected] in case an error appeared, we should have inserted the line: <Ev4 value=”[email protected]”/> Ev4, that is the variable for error, receives the value [email protected], that is the recipient that will be informed. The variable SenderReceiver specifies if the sender and the receiver of the message will be warned or not in case an infected message is detected. This variable can get two values: - Y – to send a warning message: <SenderReceiver value=”Y”> - N – not to send a warning message: <SenderReceiver value=”N”> 13
BitDefender for Mail Servers – Linux SMTP Relay
Agents
<Agents value=””> <SMTP value=””> <Auto value=”N” /> <Id value=”4” /> <Setts value=”127.0.0.1:10025” /> <Port value=”25” /> <Doms value=””> <softwin.ro value=”” /> <bitdefender.ro value=”” /> </Doms> <Nets value=”” > <192.168.5.0 value=”255.255.255.0” /> <192.168.9.0 value=”255.255.255.0” /> </Nets> <Key value="0000-0000-0000-0000-0000" /> </SMTP> </Agents> In this subsection you must specify the SMTP settings. There are a few variables, each one will be explained below: Auto – this variable specifies whether the configuration of the proxy server is made automatically or explicitly. BitDefender for Mail Servers behaves like a proxy server for the company’s mail server. The way BitDefender was designed allows the configuration of the proxy settings to be made automatically or clearly by the administrator. Automatic configuration – the proxy settings will be automatically identified by BitDefender. The variable Auto takes the value “Y”. Explicit configuration – in this case, the variable Auto takes the value “N” and the administrator must specify the proxy settings, using the variables: Setts – specifies the real server and the real port. The value must be specified like value=”real_server:real_port” Port – specifies the port on which the SMTP server listens Key – specifies the registration key for BitDefender
Note: After installation, Setts value will be ”127.0.0.1:10025 because the real mail server is
considered to be that on which Bitdefender (localhost) was installed, and it was reconfigured to accept e-mails on port number 10025.
Inside the <SMTP> tag you can observe two more tags: <Doms> and <Nets>. These tags enable you to establish certain restrictions regarding the e-mail domains and the network addresses that the proxy will recognize as valid for the mail traffic through the company’s mail server. This is a supplementary protection measure.
14
BitDefender for Mail Servers – Linux SMTP Relay
Notes: 1. In case you haven't specified any security restriction, all the messages will be recognized as invalid and will not be accepted, no matter their source and destination. 2. If you have specified some email domains, only the emails sent to those domains will be recognized as valid and will be delivered. 3. If you have declared a network domain, the outgoing emails from that domain will be delivered to their destination. 4. All the messages coming from an external source will be delivered only if their destination is an address of one of the domains introduced in the <Doms> tags. By external source we mean any e-mail originating from an IP address that doesn't belong to any of the network domains declared in the Network Address section.
The specification of the e-mail domains is made inside the <Doms> tags. The e-mail domains must be specified in the following manner: <e-mail_domain value=””/> The specification of the network domains is made inside the <Nets> tags . The network domains must be specified in the following manner: < network_address value=”network_mask” /> This feature was designed in order to block unauthorised sending of confidential data outside the company. For example, if you want to limit a certain group of users to sending messages only to company addresses, you can leave them out of the <Nets> tags. These will be regarded as external sources.
15
BitDefender for Mail Servers – Linux SMTP Relay
Live
In this section you may find the settings for BitDefender update. <live> <CheckSecs value=”28880” /> <mainlocation value=http://upgrade.bitdefender.com /> <ProxyOn value=”Y”> <ProxySetts value=”192.168.5.99:8080” /> </live> Variable CheckSecs Mainlocation ProxyOn Description specifies the interval to which the upgrade checking is made (in seconds) specifies the location of the upgrade server specifies if the product upgrade is made or not through a proxy server. If the upgrade is made through a proxy, the variable gets the value Y, otherwise it gets the N value. specifies the proxy settings, in case the company uses a proxy server.
ProxySetts
The proxy settings must be specified in the following manner: <ProxySetts value=”proxy_server:port” /> or <ProxySetts value=”user_name:password@proxy_server:port” /> for the proxy servers with authentication.
Note: You don't have to stop the BitDefender services in order to modify the proxy settings
Automatic update
BitDefender for Mail Servers is pre-configured to update automatically each 8 hours. To configure the automatic update module please follow these steps: 1. Stop all BitDefender services Use the "/opt/BitDefender/bin/bd stop" command (alternatively, you can use "/etc/init.d/bd stop" or "service bd stop"). 2. Open the bdsettings.xml file It is located in “/opt/BitDefender/etc” 3. Modifying the time interval To modify the update time interval you will have to modify the tag bellow: <CheckSecs value="28800" />
Note: The time interval is displayed in seconds.
16
BitDefender for Mail Servers – Linux SMTP Relay
4. Proxy server configuration If you are using a proxy server to connect to the internet please run the following bdsetup –proxy command and follow the on-screen instructions. In order to deactivate run bdsetup –noproxy. 5. Restart BitDefender services Use the "/opt/BitDefender/bin/bd start" command (alternatively, you can use "/etc/init.d/bd start" or "service bd start").
Note: We recommend you to change the settings from the Management Console under Windows.
Manual update
The cumulative.zip is released every week on Monday and it includes all the virus definitions and scan engines updates up to the release date. The daily.zip is released each day and it includes all the virus definitions and scan engines updates since the last cumulative and up to the current date. In order to update the product manually, please follow these steps: 1. Stop all BitDefender services Use the "/opt/BitDefender/bin/bd stop" command (alternatively, you can use "/etc/init.d/bd stop" or "service bd stop"). 2. Download If it's Monday or if it's the first time you update using the manual updates please download the cumulative.zip and save it on your disk when prompted. Otherwise please download the daily.zip and save it on your disk. 3. Extract Extract the contents of the zip file to “/opt/BitDefender/lib/Plugins/ “ (overwrite the existing files if necessary).
Note: If you are using both cumulative.zip and daily.zip you will have to extract the contents of the cumulative.zip first.
4. Restart BitDefender services Use the "/opt/BitDefender/bin/bd start" command (alternatively, you can use "/etc/init.d/bd start" or "service bd start").
17
BitDefender for Mail Servers – Linux SMTP Relay
Product registration
The product is delivered with a trial registration key valid for thirty days. At the end of the trial period, if you want to purchase the product you have to provide a new serial number. In order to modify the default serial number use the : “/opt/BitDefender/bin/bd register” command (alternatively you can use /etc/init.d/bd register" or "service bd register") and follow the on-screen instructions. The product registration cand be made also under Windows, in the Register section from the Management Console.
18
BitDefender for Mail Servers – Linux SMTP Relay
Configuration under Windows
BitDefender for Mail Servers can also be configured from Windows. In order to configure the antivirus protection for Linux from Windows, it is necessary to install the Management Console first. Before installing, you have to make sure that the computer meets the following system requirements: Operating system: Windows NT, Windows 2000 Recommended processor: Pentium II 300 MHz Recommended memory: 64 Mb Minimum disk space: 20 Mb
The Management Console installation
In order to install the product, it is absolutely necessary to log on the computer with administrative rights. Step 1: Insert the CD into the CD-ROM unit and double-click on the file “BitDefenderRemoteAdmin.exe”. This will launch the setup wizard, which will guide you through the setup process. The following window will appear:
Press Cancel if you want to abandon the setup process. Press Next in order to continue.
19
BitDefender for Mail Servers – Linux SMTP Relay
Step 2: In this window you can read the License Agreement.
If you do not agree with this terms press No. The installation process will be abandoned and you will exit setup. Click Yes if you understand and agree with these terms, and you will pass to the next step. Step 3: The following window allows you to select the folder where you want to install BitDefender. By default, this is Program Files\Softwin\ BDRemote on the system partition.
In case you want to install the product in another folder, click on Browse… and select from the exploring window another folder. Click on Next to continue.
20
BitDefender for Mail Servers – Linux SMTP Relay
Step 4: The next window will ask you which type of installation you prefer.
Choose one of the following options: Typical – The program will be installed with the most common options. This is the recommended option for most users. Compact – Program will be installed with the minimum required options. Custom – You may choose the components you want to install. Recommended for advanced users only. Select Typical and click on Next.
21
BitDefender for Mail Servers – Linux SMTP Relay
Step 5: Type in the name for BitDefender that you want to appear in the “Start menu\Programs” folder. By default this is “BDRemote”.
Click on Next. Step 6: In the end a window will confirm you the installation of the program on your computer.
Select Yes, I want to restart my computer now and press Finish. The system will restart.
22
BitDefender for Mail Servers – Linux SMTP Relay
Uninstalling, repairing or modifying BitDefender Management Console
If you want to modify, repair or uninstall the initial installation of BitDefender Management Console, from the Windows menu select Start → Programs → BitDefender Remote Admin → Modify & Repair & Uninstall. The following window will appear. You have to select one of these three options:
Modify – Select new program components to add or select currently installed components to remove. Repair – Re-install all program components installed by the previous setup. Remove – Remove all installed components. To continue setup, select one of the three options listed above. We recommend Remove for a clean installation.
23
BitDefender for Mail Servers – Linux SMTP Relay
Accessing the Management Console
The Management Console can be launched from the Windows Start menu, following the path Start → Programs → BitDefender Remote Admin → Remote console. In order to be functional, the Management Console must connect to the server, that is the computer where BitDefender is installed, because it uses the scan engines installed on that computer. When you access the Management Console, a small window appears prompting you to type in the IP of the computer where BitDefender is installed.
Type in the IP of the computer and the password and click Ok. After connecting to that computer, the Management Console becomes active. It will read the configuration information from the server and any modification made will be transferred towards it. When the Management Console opens, one can view the configuration bar and the Option button on the left.
24
BitDefender for Mail Servers – Linux SMTP Relay
The left side menu (configuration toolbar) has the following options: About – to view information about the current version, copyright, and contact information as well; BitDefender Update - to access the configuration window for the product update; BitDefender Engine - to select the action, in case an infected file is detected, and the location of the quarantine area; Mail Notification – to select the e-mail addresses where alarm messages will be sent in case of virus detection; Statistics – to view the reports and statistics about the scanned objects; Register – to register the product; SMTP Proxy – to specify the SMTP Proxy settings. Options button will have as effect the opening of a menu with the following options: Connect to a remote computer – for introducing the IP for the computer you want to connect to. A window requesting the IP and the password will appear. Change administrative password – will open a window where you can specify the password. Type the password in the field Password and confirm it in the field Confirm.
Note: You must set a password before you can connect to a remote computer.
25
BitDefender for Mail Servers – Linux SMTP Relay
Selecting the action on infected messages
In order to select the action on infected messages click on the BitDefender Engine option from the Management Console.
Select the action on infected messages
BitDefender for Mail Servers allows the selection of one of the following actions on infected messages: First action Ignore Second action Description The result is that the infections found are ignored and the messages will be delivered to the mail recipients, along with the infected part, without any reaction. In case the disinfection of the message fails, this is delivered to the mail recipient without any change and still containing the infection. If the disinfection fails, the infected part* will be deleted. Thus, if the attachment is infected, it will be deleted, and the message will be delivered to the mail client from the station without that attachment. In case the body of the message is infected, its content will be deleted and an empty message will be delivered to the mail recipient. In case of disinfection failure, it isolates the infected part* of the message in the quarantine area. Thus, if the attachment is infected than it will be moved in the quarantine area and the message will be delivered without it. If the body of the message is infected, it will be moved in the quarantine area and an empty message will be delivered. The infected part* of the message will be deleted, and it will be delivered to the mail recipient without the infected part. The infected part* will be isolated in the quarantine zone.
Disinfect
Ignore
Delete
Move to quarantine
Delete
Move to quarantine
* the body or the attachment(s) of the messages.
26
BitDefender for Mail Servers – Linux SMTP Relay
Click to select the first action
Select the second action
Observations: 1. The section Second action, where one can select the second action for the infected messages, is a supplementary measure of protection and it is activated only in case the disinfection of the message was selected. 2. In order to prevent a possible infection in the network, we recommend you to select the first action Disinfect and the second action Move to quarantine or Delete. Select Move to quarantine in case the messages may contain important information and you wish to request later an antivirus analysis of the infected parts. 3. When referring to a message as infected, it means the infection of the attached file(s) and/or the message’s body itself. In case the disinfection fails, the message(s) without the infection will be delivered to the mail recipient(s), and depending on the configuration, the infected part will be deleted or isolated in the quarantine. 4. In case the second action is Ignore the messages will be delivered to the mail recipients without removing the infected part.
Select the location for the quarantine area In case the isolation of the infected files in the quarantine area was selected, the complete path to the quarantine folder must be specified.
Note: The quarantine folder must be previously created and must be located on the mail server. The complete path must be specified. For example: /opt/BitDefender/var/quarantine.
At the end, click on Apply in order to save the changes.
27
BitDefender for Mail Servers – Linux SMTP Relay
Sending alarm messages in case of infection
If an infection is found, there is the possibility of sending alarm messages by email. There are three types of events that can generate alarm messages: Variable Warning Error Description Generates a warning message in case a special situation, such as disabling the BitDefender protection, appears. Generates a message that announces the apparition of a disfunctionality within BitDefender. Such situations may appear, for example, because of the accidental deletion of some files or failure to load the scan engines. A message is generated in case an infected or suspicious message is detected.
Virus
Click Mail Notifications option from the Management Console. For sending alerts via email you must first specify some information in the section SMTP Settings: - SMTP Server – type in the name of the SMTP server that the company uses to send messages. - From – type in the e-mail address that will appear in the sender field.
Note: It is necessary to type in a valid e-mail address for the SMTP server, otherwise the server may decline sending an e-mail whose sender (e-mail address) is unknown to him.
In order to make the Mail Notification service active, you must click on Enable Mail Notification.
Type in the sender’s e-mail address
Click here to enable the service
Click here to select the event
Click here to modify the selected event
28
BitDefender for Mail Servers – Linux SMTP Relay
Check the Alert senders/receivers option in order to alert the sender/receiver when a virus is found in an email The section contains 3 buttons: Add – to add a new user who will receive an e-mail in case a situation out of the ordinary appears. Modify – to modify the recipient that will be warned or the event that causes the warning. Remove – to delete a warning event previously created. If you wish to create an event that generates warnings via e-mail, click Add. In the window that appears select the event's type, by simply clicking it and type in the e-mail address(es) where it will be delivered. Press Ok to save the event or Cancel to abandon.
Click here to select the event
For example, I want to generate alarm messages when a virus is found. I selected, in the Event section, Virus and introduced in the Send alert to field the e-mail address [email protected]. An e-mail will be sent to this address whenever BitDefender finds a virus. At one moment, an infected message was found. To [email protected] arrived an e-mail with the following content: BitDefender found an infected object in a message From: [tester1] To: [tester2] Subject: [subject] Object: object Virus: Klez.Y Thank you for choosing BitDefender The BitDefender Lab www.bitdefender.com
29
BitDefender for Mail Servers – Linux SMTP Relay
All the warning e-mails in case of infection will have the subject BitDefender found an infected object and will contain the name of the identified virus.
Note: If you want to send messages to more than just one mail recipient, these addresses must be separated by comma.
When you want to change an event (the mail recipient or the event type), press Modify. Select a new type of event, or specify a new e-mail address. Click Ok if you want to save the changes or Cancel if you want to keep the previous settings.
Note: To modify or delete an event it is necessary to click the field Event corresponding to that event and then press one of the buttons Modify or Remove. If you press the Remove button, the event will be removed without further warning.
At the end, click on Apply in order to save the changes.
30
BitDefender for Mail Servers – Linux SMTP Relay
Updating the product
BitDefender For Mail Servers was designed with a function for automatic update of the virus definitions. At the present time, the risk of getting infected increases, both because new viruses appear and the existing ones keep on spreading. The e-mail communication which is more and more used, has become a final factor in spreading the infection from one user to another. For example, the case of infection with mass mailers is well known. These viruses arrive by e-mail and replicate themselves by sending a copy to all the addresses from Address Book, spreading the infection without the user’s knowledge. Every 8 hours the update function is launched. It connects to the BitDefender upgrade server and in case new virus definitions are found, the update will be made transparently, without the administrator’s intervention, by downloading the files with the virus definitions. You can view the date and time the last check and update were made, by clicking the option BitDefender Update on the configuration bar. You will enter a section similar to the following:
31
BitDefender for Mail Servers – Linux SMTP Relay
The section contains 3 subsections: • • The subsection General information, containing the date and time of the last check and update. The subsection Update preferences that allows changing the update checking interval, as well as the update location. By default this is 8 hours. If you want to change it, type a new interval in the Check interval field. If you want to change the location for the upgrade, type a new one in the Update location field. In this subsection you will find the options for the product update configuration in case the company uses a proxy server with authentication. In this case, check the option Use proxy. The following options will be activated: Server – type in the IP of the proxy server; Port – type in the port the server uses to connect to the proxy server; User – type in a user name recognized by the proxy; Password – type in the valid password for the previously specified user; See the example below:
•
Status information shows the status of the update process.
Press the button Update now! if you wish to launch the update immediately. The application will contact the upgrade server and will update the definitions if any update is found. At the end, click on Apply in order to save the changes.
32
BitDefender for Mail Servers – Linux SMTP Relay
Viewing the reports and the statistics
BitDefender for Mail Servers automatically generates detailed reports and statistics. You have the possibility to view these reports by selecting the option Statistics from the configuration bar. These reports contain the following information: - the number of scanned objects; - the number of infected objects; - the number of disinfected objects; - the number of deleted objects;
Note: By objects we mean the number of e-mail messages and not the number of attached files.
33
BitDefender for Mail Servers – Linux SMTP Relay
Product registration
In order to ensure a proper functioning of the product and the scanning of the files, you must first register. In order to do this, click the option Register from the configuration toolbar.
The window offers information about the status of the product (registered or not) and the expiration date. There are few steps to follow in order to register the product: 1. 2. 3. 4. 5. Cick on the Register option from the Management Console; Slect the product from the module section; Tpe in the serial number in the selected area; Pess the Change Registration button; Click on the Apply button.
If the number is valid, then the status of the product changes to registered and the expiration date appears.
34
BitDefender for Mail Servers – Linux SMTP Relay
Server configuration
The protection configuration for the SMTP mail server is very simple. In order to enable the BitDefender protection, all you have to do is open the Management Console and click SMTP Proxy. In order to configure the protection to SMTP server level, the proxy settings and the security options must be first specified.
Configuring the proxy server
BitDefender behaves like a proxy server for the company's SMTP server. The way BitDefender was designed allows the configuration of the proxy settings to be made automatically or clearly by the administrator. In oder to configure the proxy server you must enter in the SMTP Proxy section from the configuration bar Automatic configuration - the proxy settings will be automatically identified by BitDefender. No additional configuration is necessary. All you have to do is simply click the option Automatic configuration in order to select it.
Note: The automatic configuration is possible only in case BitDefender was installed directly on the mail
server and not on another computer from the network.
Explicit configuration – in this case, the administrator must specify the proxy settings in the corresponding fields: • • • Listen on port : type in the port on which the proxy server, that is BitDefender, listens. Real SMTP server : type in the real SMTP server. Real SMTP port : in this field, it must be specified the real port on which the SMTP server listens.
Note: The explicit configuration is absolutely necessary when BitDefender wasn’t installed directly on the server, but on another network computer.
For example, let’s consider a case when BitDefender wasn’t installed directly on the server. In this case, we configured BitDefender so that it listened on the port 25, specified 194.102.234.6 to be the real SMTP server and the real SMTP port to be 25.
35
BitDefender for Mail Servers – Linux SMTP Relay
Configuring the security
You can establish certain restrictions regarding the e-mail domains and the network addresses that the proxy will recognize as valid for the mail traffic through the company's SMTP mail server. This is a protection measure against the spam attacks.
Notes: 1. In case you haven't specified any security restriction, all the messages will be recognized as invalid and will not be accepted, no matter their source and destination. 2. If you have specified some email domains, only the emails sent to those domains will be recognized as valid and will be delivered. 3. If you have declared a network domain, the outgoing emails from that domain will be delivered to their destination. 4. All the messages coming from an external source will be delivered only if their destination is an address of one of the domains introduced in the Email domain field. By external source we mean any e-mail originating from an IP address that doesn't belong to any of the network domains declared in the Network Address section.
The specification of the email domains is made in the section Email domain. In order to add email domains you must click on the button Add e-mail domain. The following window will appear:
I typed in the domain "first.softwin.ro" and clicked on Ok. At this moment, this domain will appear on the list with the email domains recognized by the proxy.
If you wish to modify a domain, you must first select it and then press Edit e-mail domain. Modify the settings and then press Ok. To delete a domain you must first select it and then press Remove e-mail domain.
36
BitDefender for Mail Servers – Linux SMTP Relay
The specification of the network domains is made on the section Network address. If you want to add new addresses, press Add net domain. Type the network addresses in the field Network Address and the network mask in the field Network mask, like in the example below:
Press Ok to save the settings. Thus all the network addresses that belong to the class specified above will be recognized and accepted by the proxy. The new net domain will appear on the list:
To modify the options for the network addresses, you must select the corresponding group of network addresses and click on Edit net domain. In order to delete a previously selected net domain, press Remove net domain. After configuring the proxy server, click on Apply in order to save the changes. This feature was designed in order to block unauthorised sending of confidential data outside the company. For example, if you want to limit a certain group of users to sending messages only to company addresses, you can leave them out of the Network Address list. These will be regarded as external sources.
37
BitDefender for Mail Servers – Linux SMTP Relay
Frequently Asked Questions
Installation
Q: What are the system requirements for running BitDefender for Linux Mail Servers? A: You will find them in the System requirements section. Q: Which version of BitDefender for Linux Mail Servers do I need? A: This depends on what MTA (email server) you use: Sendmail, Qmail, Postfix or another. For the first three, we have a specific version, and also a generic version (smtprelay) for most of the other servers. Q: Why are there .rpm, .deb and .tar packages? A: We created .tar packages for systems where the rpm or dpkg package manager is not available (Slackware, Gentoo, LFS). Q: How can I check if the installation kit is not corrupted? A: You need to run the command: sh ./BitDefender-postfix-{version}.{os}.{architecture}.{package type}.run --check The answer should be: Verifying archive integrity... MD5 checksums are OK. All good. If you get a different answer, please re-download the installation kit. Q: How do I compile the .tar package? A: The .tar package we provide are not source code - BitDefender is closed source software. They contain binaries, so there's no need to recompile, just unpack and install. Q: How do I install the package? A: Follow the instructions from the Install section.
Configuration
Q: Does BitDefender alter my server configuration? A: The server will be moved on port 10025. Q: I modify the bdsettings.xml, but when I shut down BitDefender, the modifications are lost! Why? A: Restarting the settings should not affect the file, but this can happen because sometimes Live module updates some values. In this case, you need to shut down BitDefender bdsettings.xml: - run "/opt/BitDefender/bin/bd stop" - edit ”bdsettings.xml” - run "/opt/BitDefender/bin/bd start" services before editing
Q: Where do I enter my serial number (license key) ? A: The product registration cand be made under both Linux and Windows. 38
BitDefender for Mail Servers – Linux SMTP Relay
Q: My mail server will not relay after I installed BitDefeder! A: By default, BitDefender for SMTP will not accept relays. Please edit the file bdsettings.xml, as described in the Agents section.
Use / Troubleshooting
Q: BitDefender does not catch viruses! A: Make sure that: - the product is installed and configured properly. - the product is not expired - the 30 evaluation days passed or the registration key you used is expired or incorrect. Q: I don't receive any warning, but the antivirus works. Why? A: On some systems, you need a valid email address for the sender. The default is root@localhost - this is not valid in all cases. Please change it to a "regular" email address, for example [email protected].
Updates
Q: How can I update the virus signatures database? A: By default, BitDefender will automatically update every 8 hours. But you can also update manually. Q: How can I tell if the virus signatures database is up to date? A: Run "/opt/BitDefender/lib/bdc --info" and check the number of signatures matched with the one here.
39
BitDefender for Mail Servers – Linux SMTP Relay
Contact information
SUPPORT DEPARTMENT: As a valued provider, SOFTWIN strives to provide its customers with an unparallel level of fast and accurate support. The Support Center listed below is continually being updated with the newest virus descriptions and answers to common questions, so that you obtain the necessary information in a timely manner. At SOFTWIN, dedication to saving its customers time and money by providing the most advanced products at the fairest prices has always been a top priority. Moreover, we think that a successful business is based on a good communication and a commitment to excellence in customer support. Clients department: [email protected] Technical support: [email protected] Phone: 0040-21-233 07 80 Address: SOFTWIN 5th Fabrica de Glucoza St. PO BOX 52-93 Bucharest, ROMANIA
40
User’s guide
BitDefender for Mail Servers – Linux SMTP Relay
Contents
License and Warranty........................................................................................... 3 Installation ............................................................................................................. 6
Package naming........................................................................................................... 6 System requirements ................................................................................................... 6 Install ............................................................................................................................ 6 Uninstall........................................................................................................................ 7 Upgrade from previous BitDefender versions .............................................................. 7
What is BitDefender for Mail Servers?................................................................ 9 Configuration under Linux ................................................................................. 11
NetProtect .................................................................................................................. 11 Plugins................................................................................................................ 11 Events................................................................................................................. 13 Agents ................................................................................................................ 14 Live............................................................................................................................. 16 Automatic update................................................................................................ 16 Manual update.................................................................................................... 17 Product registration .................................................................................................... 18
Configuration under Windows........................................................................... 19
The Management Console installation ....................................................................... 19 Uninstalling, repairing or modifying BitDefender Management Console .................... 23 Accessing the Management Console......................................................................... 24 Selecting the action on infected messages ................................................................ 26 Select the action on infected messages ............................................................. 26 Select the location for the quarantine area......................................................... 27 Sending alarm messages in case of infection ............................................................ 28 Updating the product .................................................................................................. 31 Viewing the reports and the statistics......................................................................... 33 Product registration .................................................................................................... 34 Server configuration ................................................................................................... 35 Configuring the proxy server .............................................................................. 35 Configuring the security...................................................................................... 36
Frequently Asked Questions ............................................................................. 38 Contact information............................................................................................ 40
2
BitDefender for Mail Servers – Linux SMTP Relay
License and Warranty
IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS DO NOT INSTALL THE SOFTWARE. BY CLICKING "I ACCEPT", "OK", "CONTINUE", "YES" OR BY INSTALLING OR USING THE SOFTWARE IN ANY WAY, YOU ARE INDICATING YOUR COMPLETE UNDERSTANDING AND ACCEPTANCE OF THE TERMS OF THIS AGREEMENT. This License Agreement is a legal agreement between you (either an individual or a single entity end user) and SOFTWIN for use of the SOFTWIN software product identified above, which includes computer software and may include associated media, printed materials, and "online" or electronic documentation ("BitDefender"), all of which are protected by U. S. and international copyright laws and international treaty protection. By installing, copying, or otherwise using the BitDefender, you agree to be bound by the terms of this agreement. If you do not agree to the terms of this agreement, do not install or use the BitDefender; you may, however, return it to your place of purchase for a full refund within 30 days after your purchase. Verification of your purchase may be required. BitDefender License BitDefender is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The BitDefender is licensed, not sold. GRANT OF LICENSE. SOFTWIN hereby grants you and only you the following nonexclusive license to use BitDefender: APPLICATION SOFTWARE. You may install and use one copy of the BitDefender, or any prior version for the same operating system, on a single computer terminal. The primary user of the computer on which the BitDefender is installed may make one additional (i.e. second) copy for his or her exclusive use on a portable computer. NETWORK USE. You may also store or install a copy of the BitDefender on a storage device, such as a network server, used only to install or run the BitDefender on your other computers over an internal network; however, you must purchase and dedicate a separate license for each separate computer terminal on which the BitDefender is installed or run from the storage device. A license for the BitDefender may not be shared or used concurrently on different computers or computer terminals. You should purchase a license pack if you require multiple licenses for use on multiple computers or computer terminals. LICENSE PACKS. If you purchase a License Pack and you have acquired this License Agreement for multiple licenses of BitDefender, you may make the number of additional copies of the computer software portion of the BitDefender specified above as "Licensed copies." You are also entitled to make a corresponding number of secondary copies for portable computer use as specified above in the section entitled "Application Software".
3
BitDefender for Mail Servers – Linux SMTP Relay
TERM OF LICENSE. The license granted hereunder shall commence on the date that you install, copy or otherwise first use BitDefender and shall continue only on the computer on which it is initially installed. UPGRADES. If the BitDefender is labeled as an upgrade, you must be properly licensed to use a product identified by SOFTWIN as being eligible for the upgrade in order to use the BitDefender. A BitDefender labeled as an upgrade replaces and/or supplements the product that formed the basis for your eligibility for the upgrade. You may use the resulting upgraded product only in accordance with the terms of this License Agreement. If the BitDefender is an upgrade of a component of a package of software programs that you licensed as a single product, the BitDefender may be used and transferred only as part of that single product package and may not be separated for use on more than one computer. COPYRIGHT. All right, title and interest in and to BitDefender and all copyright rights in and to the BitDefender (including but not limited to any images, photographs, logos, animations, video, audio, music, text, and "applets" incorporated into the BitDefender), the accompanying printed materials, and any copies of the BitDefender are owned by SOFTWIN. The BitDefender is protected by copyright laws and international treaty provisions. Therefore, you must treat the BitDefender like any other copyrighted material except that you may install the BitDefender on a single computer provided you keep the original solely for backup or archival purposes. You may not copy the printed materials accompanying the BitDefender. You must produce and include all copyright notices in their original form for all copies created irrespective of the media or form in which BitDefender exists. You may not sub-license, rent, sell, or lease BitDefender. You may not reverse engineer, recompile, disassemble, create derivative works, modify, translate, or make any attempt to discover the source code for BitDefender. LIMITED WARRANTY. SOFTWIN warrants that the media on which BitDefender is distributed is free from defects for a period of thirty days from the date of delivery of BitDefender to you. Your sole remedy for a breach of this warranty will be that SOFTWIN, at its option, may replace the defective media upon receipt of the damaged media, or refund the money you paid for BitDefender. SOFTWIN does not warrant that BitDefender will be uninterrupted or error free or that the errors will be corrected. SOFTWIN does not warrant that BitDefender will meet your requirements. SOFTWIN HEREBY DISCLAIMS ALL OTHER WARRANTIES FOR BITDEFENDER, WHETHER EXPRESSED OR IMPLIED. THE ABOVE WARRANTY IS EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, WHETHER EXPRESSED OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE OTHER RIGHTS, WHICH VARY FROM STATE TO STATE.
4
BitDefender for Mail Servers – Linux SMTP Relay
DISCLAIMER OF DAMAGES. Anyone using, testing, or evaluating BitDefender bears all risk to the quality and performance of BitDefender. In no event shall SOFTWIN be liable for any damages of any kind, including, without limitation, direct or indirect damages arising out of the use, performance, or delivery of BitDefender, even if SOFTWIN has been advised of the existence or possibility of such damages. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. IN NO CASE SHALL SOFTWIN'S LIABILITY EXCEED THE PURCHASE PRICE PAID BY YOU FOR BITDEFENDER. The disclaimers and limitations set forth above will apply regardless of whether you accept or use, evaluate, or test BitDefender. IMPORTANT NOTICE TO USERS. THIS SOFTWARE IS NOT FAULT-TOLERANT AND IS NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. THIS SOFTWARE IS NOT FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, OR COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFESUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY OR PROPERTY DAMAGE. GOVERNMENT RESTRICTED RIGHTS/RESTRICTED RIGHTS LEGEND. Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 or subparagraphs (c)(1) and (2) of Commercial Computer SoftwareRestricted Rights clause at 48 CFR 52.227-19, as applicable. Contact SOFTWIN, at Fabrica de Glucoza St., No 5, 72322-Sect.2, Bucharest, Romania, or at Tel No: 40-212330780, Fax:40-21-2330763 GENERAL. This Agreement will be governed by the laws of Romania and by the international copyright regulations and treaties. This Agreement may only be modified by a license addendum, which accompanies this Agreement or by a written document which has been signed, by both you and SOFTWIN. This Agreement has been written in the English language only and is not to be translated or interpreted in any other language. Prices, costs and fees for use of BitDefender are subject to change without prior notice to you. In the event of invalidity of any provision of this Agreement, the invalidity shall not affect the validity of the remaining portions of this Agreement. BitDefender and BitDefender logos are trademarks of SOFTWIN. All other trademarks are the property of their respective owners.
5
BitDefender for Mail Servers – Linux SMTP Relay
Installation
Package naming
BitDefender for Mail Servers – Linux SMTP Relay package is named considering the following parameters: BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run Variable {version} {os} Description is the package version. For example, 1.5.1-7 is version 1, subversion 5.1, package build 7. is Linux for the momment :), *BSD and other Unices will be available soon. Linux has 2 versions - one compiled with gcc 2.9x and the other with gcc 3.x. Choose the appropriate version for your system. is the processor type. i586 is the current development version. It will work on Intel Pentium II, Pentium III, Penium IV, AMD alternatives and other compatible processors. reffers to the package management tool we use in order to install the files on your computer. This is one of rpm, deb or tar. rpm uses the Red Hat Package Manager, deb uses dpkg and tar is the most portable method. Please note that, however, the tar packages do not contain source code. Please install the appropriate package for your system.
{architecture}
{package type}
System requirements
Before installing BitDefender for Mail Servers, you must first verify if the company’s mail server meets the following system requirements: Processor: minimum Pentium II 300 MHz (800 Recommended processor) RAM: minimum 64 Mb of memory (128 Recommended) Disk space: minimum 20 Mb Operating system: Linux distribution with kernel v. 2.2 or 2.4 (Recommended) and glibc minimum v. 2.2.3
Install
Before you begin the installation process we recommend you to check that the installation kit is not corrupted (this can happened sometimes, especially if you dowloaded it). Please run: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run --check The answer should be: Verifying archive integrity.. MD5 checksums are OK. All good. If you get a different answer, please re-download the installation kit. 6
BitDefender for Mail Servers – Linux SMTP Relay
All packages, regardless of the {package type}, are installed using: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run For example, if you want to install the version for Mail Servers, using the rpm-based package, run this: sh ./BitDefender-smtp-1.5.1-5.linux.i586.rpm.run in the directory where the package is located.
Nota: If you would like to see all the install options run: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run --help
This will unpack the BitDefender packages, and will launch the install script, that will in turn install the BitDefender components. These are: BitDefender-engines, BitDefender-core and BitDefender-smtp. Please follow the instructions exactly during the installation process.
Uninstall
To uninstall the package you should run: sh ./BitDefender-smtp-{version}.{os}.{architecture}.{package type}.run --uninstall There is an alternative method too: For rpm: • rpm -e BitDefender-smtp • rpm -e BitDefender-core • rpm -e BitDefender-engines For tar: • Stop BitDefender services ”/opt/BitDefender/bin/bd stop” • Delete (/opt/BitDefender) • Delete the integration from MTA ( you must start the MTA normally on port 25) • Reload Smtp.
Upgrade from previous BitDefender versions
This install system is not compatible with the previous BitDefender, so automatic upgrading is not supported. You need to uninstall the previous version. Follow these steps: 1. Stop BitDefender services Run: /etc/init.d/np stop /etc/init.d/bdnp stop (for BitDefender v1.2) (for BitDefender v1.5)
7
BitDefender for Mail Servers – Linux SMTP Relay
2. Uninstall the old VERSION OF BitDefender - run: rpm -e np rpm -e bdnp (for BitDefender v1.2) (for BitDefender v1.5)
- delete “/tmp/BDNP”, if it exists. Run: ”rm -fr /tmp/BDNP” If you installed from the .tar version, delete the installation folder (by default this is “/usr/local/bitdef”). Then remove the BitDefender integration from your mta. You must start the MTA normally on port 25 3. Install the new version Follow the instructions from the Install section.
8
BitDefender for Mail Servers – Linux SMTP Relay
What is BitDefender for Mail Servers?
The acquisition and installation of an antivirus product for the company’s mail server is the most efficient way of preventing the infection of a computer and the spreading of viruses inside the company, and outside the company as well through the most common way of communication - the e-mail. BitDefender For Mail Servers – Linux SMTP Relay is the solution SOFTWIN offers for the antivirus protection of the Linux mail servers. The product is designed and implemented in a modular manner, thus it can easily adapt to any work environment. All the messages received by the server are scanned using the BitDefender scan engines. This technology detects all the viruses presents in the attachments; BitDefender features built-in support for more than 80 packed files formats, including RAR, ZIP, ARJ, LZH, LHA, ACE, GZIP, TARGZ, JAR, UUE, MIME or CAB archives, no matter how they were created (self-extractable, multivolume, etc). If the message is clean, it will be sent forward to the mail recipient. In case an infection is found, it will be treated corresponding to the selected option (disinfection, deletion or isolation in the quarantine area) and alarm messages will be sent to the persons responsible for network security and management. For ensuring a superior and efficient antivirus protection, BitDefender For Mail Servers was designed with a function for an automatic update of the virus definitions. This function periodically connects to the BitDefender upgrade server, without the administrator’s intervention. Features: Antivirus protection for Mail Servers; Scanning of all the e-mail messages and attached files; Automatic and incremental update of virus definitions and scanning engines directly from BitDefender servers; Generates alarm messages through e-mail; Possibility of isolating the infected attachments and/or e-mail’s body in the quarantine zone; Antivirus protection for the newly created mail boxes; The multirecipient messages are filtered only once, before delivery, and not many times for each mail recipient; Remote administration, by simply installing the management console on the remote computer; Detailed statistics and reports regarding the number of scanned files, the infected files, the deleted and disinfected files; The antivirus protection can be configured under both Linux and Windows.
9
BitDefender for Mail Servers – Linux SMTP Relay
You can see below a general scheme of the way BitDefender integrates with a MTA:
The message’s HTML body and attachments will be verified in order to detect the infected files and the back doors/ trojans/ worm files and prevent their spreading into the system. Only the clean messages will be delivered to the mail clients from the stations or will be sent further to the mail recipients outside the company. The infected messages are treated depending on the administrator’s option, by disinfection, deletion or isolation in a certain location on the server, considered to be the quarantine zone.
10
BitDefender for Mail Servers – Linux SMTP Relay
Configuration under Linux
The specification of the protection settings is made through the file bdsettings.xml, found to the location ”/opt/BitDefender/etc/bdsettings.xml”. Edit this file in order to specify the protection options. The file might be structured in the following sections: <NetProtect> <live> each one will be treated in a special paragraph:
NetProtect
Here the user can specify the action on the infected objects, the location of the quarantine zone, the events when a special situation appears. Inside this section there are some subsections, which contain a few tags where the user can modify the settings:
Plugins
In the Plugins section you can modify the action on the infected files, the location of the quarantine zone and you can enable / disable the Real Time Virus Reporting module. In the <AV> subsection three variables are present: first action, second action and quarantine. <Plugins> <AV> <FirstAction value=”DISINFECT”/> <SecondAction value=”QUARANTINE”/> <QuarDir value=”/opt/BitDefender/var/quarantine” /> </AV> </Plugins> 1. FirstAction – specifies the first action on the infected files 2. SecondAction – specifies the second action, in case the first action fails. The second action is enabled only when the first action is “DISINFECT”.
11
BitDefender for Mail Servers – Linux SMTP Relay
The values that FirstAction and SecondAction can take are: FirstAction IGNORE SecondAction Description The result is that the infections found are ignored and the messages will be delivered to the mail recipients, along with the infected part, without any reaction. IGNORE In case the disinfection of the message fails, this is delivered to the mail recipient without any change and still containing the infection. DELETE If the disinfection fails, the infected part* will be deleted. Thus, if the attachment is infected, it will be deleted, and the message will be delivered to the mail client from the station without that attachment. In case the body of the message is infected, its content will be deleted and an empty message will be delivered to the mail recipient. QUARANTINE In case of disinfection failure, it isolates the infected part* of the message in the quarantine area. Thus, if the attachment is infected than it will be moved in the quarantine area and the message will be delivered without it. If the body of the message is infected, it will be moved in the quarantine area and an empty message will be delivered. The infected part* of the message will be deleted, and it will be delivered to the mail recipient without the infected part. The infected part* will be isolated in the quarantine zone.
DISINFECT
DELETE QUARANTINE
* the body or the attachment(s) of the messages.
Note: The action on infected files must be written with caps.
3. QuarDir – this variable specifies the location of the quarantine folder, where the infected files will be isolated. In the <RTVR> subsection you can enable / disable the RTVR module. <Plugins> <RTVR value="" > <Path value="/opt/BitDefender/lib/logger/rtvr.npl"/> <Active value="Y" /> <Enable value="Y" /> </RTVR> </Plugins> The RTVR module was designed to report new viruses identified on different regions. It wasn’t conceived with commercial purposes, but for creating reports and statistics concerning the virus activity. The messages sent to BitDefender laboratory will contain only the name of the virus. The values of UID and CUID are randomly generated. 12
<UID value="99619d0a-488a-47f7-ace5-5b20976d180c" /> <CUID value="0e1958da-a06c-4db6-a85d-86f2c8f9578a"/>
BitDefender for Mail Servers – Linux SMTP Relay
Events
<Events> <Logger > <Plugins > <MNsmtp > <Path value="/opt/BitDefender/lib/logger/mn-smtp.npl" /> <Active value="Y" /> <SMTPServer value="127.0.0.1" /> <From value="[email protected]" /> <Ev6 value="[email protected]" /> <SenderReceiver value="Y" /> <IsMail value="Y" /> </MNsmtp> </Plugins> </Logger> </Events> This subsection allows you to specify the events in case a situation out of ordinary appears. There are three type of events that may appear, each one having associated a variable: Event Warning Error Variable Description Ev3 Generates a warning message in case a special situation, such as disabling the BitDefender protection, appears. Ev4 Generates a message announcing the apparition of a disfunctionality within BitDefender. Such situations may appear, for example, due to the accidental deletion of some files or failure to load the scan engines. Ev6 A message is generated in case an infected or suspicious message is detected.
Virus
In the example above, an e-mail will be sent to [email protected] in case a virus is found. If we had wanted to send an e-mail to [email protected] in case an error appeared, we should have inserted the line: <Ev4 value=”[email protected]”/> Ev4, that is the variable for error, receives the value [email protected], that is the recipient that will be informed. The variable SenderReceiver specifies if the sender and the receiver of the message will be warned or not in case an infected message is detected. This variable can get two values: - Y – to send a warning message: <SenderReceiver value=”Y”> - N – not to send a warning message: <SenderReceiver value=”N”> 13
BitDefender for Mail Servers – Linux SMTP Relay
Agents
<Agents value=””> <SMTP value=””> <Auto value=”N” /> <Id value=”4” /> <Setts value=”127.0.0.1:10025” /> <Port value=”25” /> <Doms value=””> <softwin.ro value=”” /> <bitdefender.ro value=”” /> </Doms> <Nets value=”” > <192.168.5.0 value=”255.255.255.0” /> <192.168.9.0 value=”255.255.255.0” /> </Nets> <Key value="0000-0000-0000-0000-0000" /> </SMTP> </Agents> In this subsection you must specify the SMTP settings. There are a few variables, each one will be explained below: Auto – this variable specifies whether the configuration of the proxy server is made automatically or explicitly. BitDefender for Mail Servers behaves like a proxy server for the company’s mail server. The way BitDefender was designed allows the configuration of the proxy settings to be made automatically or clearly by the administrator. Automatic configuration – the proxy settings will be automatically identified by BitDefender. The variable Auto takes the value “Y”. Explicit configuration – in this case, the variable Auto takes the value “N” and the administrator must specify the proxy settings, using the variables: Setts – specifies the real server and the real port. The value must be specified like value=”real_server:real_port” Port – specifies the port on which the SMTP server listens Key – specifies the registration key for BitDefender
Note: After installation, Setts value will be ”127.0.0.1:10025 because the real mail server is
considered to be that on which Bitdefender (localhost) was installed, and it was reconfigured to accept e-mails on port number 10025.
Inside the <SMTP> tag you can observe two more tags: <Doms> and <Nets>. These tags enable you to establish certain restrictions regarding the e-mail domains and the network addresses that the proxy will recognize as valid for the mail traffic through the company’s mail server. This is a supplementary protection measure.
14
BitDefender for Mail Servers – Linux SMTP Relay
Notes: 1. In case you haven't specified any security restriction, all the messages will be recognized as invalid and will not be accepted, no matter their source and destination. 2. If you have specified some email domains, only the emails sent to those domains will be recognized as valid and will be delivered. 3. If you have declared a network domain, the outgoing emails from that domain will be delivered to their destination. 4. All the messages coming from an external source will be delivered only if their destination is an address of one of the domains introduced in the <Doms> tags. By external source we mean any e-mail originating from an IP address that doesn't belong to any of the network domains declared in the Network Address section.
The specification of the e-mail domains is made inside the <Doms> tags. The e-mail domains must be specified in the following manner: <e-mail_domain value=””/> The specification of the network domains is made inside the <Nets> tags . The network domains must be specified in the following manner: < network_address value=”network_mask” /> This feature was designed in order to block unauthorised sending of confidential data outside the company. For example, if you want to limit a certain group of users to sending messages only to company addresses, you can leave them out of the <Nets> tags. These will be regarded as external sources.
15
BitDefender for Mail Servers – Linux SMTP Relay
Live
In this section you may find the settings for BitDefender update. <live> <CheckSecs value=”28880” /> <mainlocation value=http://upgrade.bitdefender.com /> <ProxyOn value=”Y”> <ProxySetts value=”192.168.5.99:8080” /> </live> Variable CheckSecs Mainlocation ProxyOn Description specifies the interval to which the upgrade checking is made (in seconds) specifies the location of the upgrade server specifies if the product upgrade is made or not through a proxy server. If the upgrade is made through a proxy, the variable gets the value Y, otherwise it gets the N value. specifies the proxy settings, in case the company uses a proxy server.
ProxySetts
The proxy settings must be specified in the following manner: <ProxySetts value=”proxy_server:port” /> or <ProxySetts value=”user_name:password@proxy_server:port” /> for the proxy servers with authentication.
Note: You don't have to stop the BitDefender services in order to modify the proxy settings
Automatic update
BitDefender for Mail Servers is pre-configured to update automatically each 8 hours. To configure the automatic update module please follow these steps: 1. Stop all BitDefender services Use the "/opt/BitDefender/bin/bd stop" command (alternatively, you can use "/etc/init.d/bd stop" or "service bd stop"). 2. Open the bdsettings.xml file It is located in “/opt/BitDefender/etc” 3. Modifying the time interval To modify the update time interval you will have to modify the tag bellow: <CheckSecs value="28800" />
Note: The time interval is displayed in seconds.
16
BitDefender for Mail Servers – Linux SMTP Relay
4. Proxy server configuration If you are using a proxy server to connect to the internet please run the following bdsetup –proxy command and follow the on-screen instructions. In order to deactivate run bdsetup –noproxy. 5. Restart BitDefender services Use the "/opt/BitDefender/bin/bd start" command (alternatively, you can use "/etc/init.d/bd start" or "service bd start").
Note: We recommend you to change the settings from the Management Console under Windows.
Manual update
The cumulative.zip is released every week on Monday and it includes all the virus definitions and scan engines updates up to the release date. The daily.zip is released each day and it includes all the virus definitions and scan engines updates since the last cumulative and up to the current date. In order to update the product manually, please follow these steps: 1. Stop all BitDefender services Use the "/opt/BitDefender/bin/bd stop" command (alternatively, you can use "/etc/init.d/bd stop" or "service bd stop"). 2. Download If it's Monday or if it's the first time you update using the manual updates please download the cumulative.zip and save it on your disk when prompted. Otherwise please download the daily.zip and save it on your disk. 3. Extract Extract the contents of the zip file to “/opt/BitDefender/lib/Plugins/ “ (overwrite the existing files if necessary).
Note: If you are using both cumulative.zip and daily.zip you will have to extract the contents of the cumulative.zip first.
4. Restart BitDefender services Use the "/opt/BitDefender/bin/bd start" command (alternatively, you can use "/etc/init.d/bd start" or "service bd start").
17
BitDefender for Mail Servers – Linux SMTP Relay
Product registration
The product is delivered with a trial registration key valid for thirty days. At the end of the trial period, if you want to purchase the product you have to provide a new serial number. In order to modify the default serial number use the : “/opt/BitDefender/bin/bd register” command (alternatively you can use /etc/init.d/bd register" or "service bd register") and follow the on-screen instructions. The product registration cand be made also under Windows, in the Register section from the Management Console.
18
BitDefender for Mail Servers – Linux SMTP Relay
Configuration under Windows
BitDefender for Mail Servers can also be configured from Windows. In order to configure the antivirus protection for Linux from Windows, it is necessary to install the Management Console first. Before installing, you have to make sure that the computer meets the following system requirements: Operating system: Windows NT, Windows 2000 Recommended processor: Pentium II 300 MHz Recommended memory: 64 Mb Minimum disk space: 20 Mb
The Management Console installation
In order to install the product, it is absolutely necessary to log on the computer with administrative rights. Step 1: Insert the CD into the CD-ROM unit and double-click on the file “BitDefenderRemoteAdmin.exe”. This will launch the setup wizard, which will guide you through the setup process. The following window will appear:
Press Cancel if you want to abandon the setup process. Press Next in order to continue.
19
BitDefender for Mail Servers – Linux SMTP Relay
Step 2: In this window you can read the License Agreement.
If you do not agree with this terms press No. The installation process will be abandoned and you will exit setup. Click Yes if you understand and agree with these terms, and you will pass to the next step. Step 3: The following window allows you to select the folder where you want to install BitDefender. By default, this is Program Files\Softwin\ BDRemote on the system partition.
In case you want to install the product in another folder, click on Browse… and select from the exploring window another folder. Click on Next to continue.
20
BitDefender for Mail Servers – Linux SMTP Relay
Step 4: The next window will ask you which type of installation you prefer.
Choose one of the following options: Typical – The program will be installed with the most common options. This is the recommended option for most users. Compact – Program will be installed with the minimum required options. Custom – You may choose the components you want to install. Recommended for advanced users only. Select Typical and click on Next.
21
BitDefender for Mail Servers – Linux SMTP Relay
Step 5: Type in the name for BitDefender that you want to appear in the “Start menu\Programs” folder. By default this is “BDRemote”.
Click on Next. Step 6: In the end a window will confirm you the installation of the program on your computer.
Select Yes, I want to restart my computer now and press Finish. The system will restart.
22
BitDefender for Mail Servers – Linux SMTP Relay
Uninstalling, repairing or modifying BitDefender Management Console
If you want to modify, repair or uninstall the initial installation of BitDefender Management Console, from the Windows menu select Start → Programs → BitDefender Remote Admin → Modify & Repair & Uninstall. The following window will appear. You have to select one of these three options:
Modify – Select new program components to add or select currently installed components to remove. Repair – Re-install all program components installed by the previous setup. Remove – Remove all installed components. To continue setup, select one of the three options listed above. We recommend Remove for a clean installation.
23
BitDefender for Mail Servers – Linux SMTP Relay
Accessing the Management Console
The Management Console can be launched from the Windows Start menu, following the path Start → Programs → BitDefender Remote Admin → Remote console. In order to be functional, the Management Console must connect to the server, that is the computer where BitDefender is installed, because it uses the scan engines installed on that computer. When you access the Management Console, a small window appears prompting you to type in the IP of the computer where BitDefender is installed.
Type in the IP of the computer and the password and click Ok. After connecting to that computer, the Management Console becomes active. It will read the configuration information from the server and any modification made will be transferred towards it. When the Management Console opens, one can view the configuration bar and the Option button on the left.
24
BitDefender for Mail Servers – Linux SMTP Relay
The left side menu (configuration toolbar) has the following options: About – to view information about the current version, copyright, and contact information as well; BitDefender Update - to access the configuration window for the product update; BitDefender Engine - to select the action, in case an infected file is detected, and the location of the quarantine area; Mail Notification – to select the e-mail addresses where alarm messages will be sent in case of virus detection; Statistics – to view the reports and statistics about the scanned objects; Register – to register the product; SMTP Proxy – to specify the SMTP Proxy settings. Options button will have as effect the opening of a menu with the following options: Connect to a remote computer – for introducing the IP for the computer you want to connect to. A window requesting the IP and the password will appear. Change administrative password – will open a window where you can specify the password. Type the password in the field Password and confirm it in the field Confirm.
Note: You must set a password before you can connect to a remote computer.
25
BitDefender for Mail Servers – Linux SMTP Relay
Selecting the action on infected messages
In order to select the action on infected messages click on the BitDefender Engine option from the Management Console.
Select the action on infected messages
BitDefender for Mail Servers allows the selection of one of the following actions on infected messages: First action Ignore Second action Description The result is that the infections found are ignored and the messages will be delivered to the mail recipients, along with the infected part, without any reaction. In case the disinfection of the message fails, this is delivered to the mail recipient without any change and still containing the infection. If the disinfection fails, the infected part* will be deleted. Thus, if the attachment is infected, it will be deleted, and the message will be delivered to the mail client from the station without that attachment. In case the body of the message is infected, its content will be deleted and an empty message will be delivered to the mail recipient. In case of disinfection failure, it isolates the infected part* of the message in the quarantine area. Thus, if the attachment is infected than it will be moved in the quarantine area and the message will be delivered without it. If the body of the message is infected, it will be moved in the quarantine area and an empty message will be delivered. The infected part* of the message will be deleted, and it will be delivered to the mail recipient without the infected part. The infected part* will be isolated in the quarantine zone.
Disinfect
Ignore
Delete
Move to quarantine
Delete
Move to quarantine
* the body or the attachment(s) of the messages.
26
BitDefender for Mail Servers – Linux SMTP Relay
Click to select the first action
Select the second action
Observations: 1. The section Second action, where one can select the second action for the infected messages, is a supplementary measure of protection and it is activated only in case the disinfection of the message was selected. 2. In order to prevent a possible infection in the network, we recommend you to select the first action Disinfect and the second action Move to quarantine or Delete. Select Move to quarantine in case the messages may contain important information and you wish to request later an antivirus analysis of the infected parts. 3. When referring to a message as infected, it means the infection of the attached file(s) and/or the message’s body itself. In case the disinfection fails, the message(s) without the infection will be delivered to the mail recipient(s), and depending on the configuration, the infected part will be deleted or isolated in the quarantine. 4. In case the second action is Ignore the messages will be delivered to the mail recipients without removing the infected part.
Select the location for the quarantine area In case the isolation of the infected files in the quarantine area was selected, the complete path to the quarantine folder must be specified.
Note: The quarantine folder must be previously created and must be located on the mail server. The complete path must be specified. For example: /opt/BitDefender/var/quarantine.
At the end, click on Apply in order to save the changes.
27
BitDefender for Mail Servers – Linux SMTP Relay
Sending alarm messages in case of infection
If an infection is found, there is the possibility of sending alarm messages by email. There are three types of events that can generate alarm messages: Variable Warning Error Description Generates a warning message in case a special situation, such as disabling the BitDefender protection, appears. Generates a message that announces the apparition of a disfunctionality within BitDefender. Such situations may appear, for example, because of the accidental deletion of some files or failure to load the scan engines. A message is generated in case an infected or suspicious message is detected.
Virus
Click Mail Notifications option from the Management Console. For sending alerts via email you must first specify some information in the section SMTP Settings: - SMTP Server – type in the name of the SMTP server that the company uses to send messages. - From – type in the e-mail address that will appear in the sender field.
Note: It is necessary to type in a valid e-mail address for the SMTP server, otherwise the server may decline sending an e-mail whose sender (e-mail address) is unknown to him.
In order to make the Mail Notification service active, you must click on Enable Mail Notification.
Type in the sender’s e-mail address
Click here to enable the service
Click here to select the event
Click here to modify the selected event
28
BitDefender for Mail Servers – Linux SMTP Relay
Check the Alert senders/receivers option in order to alert the sender/receiver when a virus is found in an email The section contains 3 buttons: Add – to add a new user who will receive an e-mail in case a situation out of the ordinary appears. Modify – to modify the recipient that will be warned or the event that causes the warning. Remove – to delete a warning event previously created. If you wish to create an event that generates warnings via e-mail, click Add. In the window that appears select the event's type, by simply clicking it and type in the e-mail address(es) where it will be delivered. Press Ok to save the event or Cancel to abandon.
Click here to select the event
For example, I want to generate alarm messages when a virus is found. I selected, in the Event section, Virus and introduced in the Send alert to field the e-mail address [email protected]. An e-mail will be sent to this address whenever BitDefender finds a virus. At one moment, an infected message was found. To [email protected] arrived an e-mail with the following content: BitDefender found an infected object in a message From: [tester1] To: [tester2] Subject: [subject] Object: object Virus: Klez.Y Thank you for choosing BitDefender The BitDefender Lab www.bitdefender.com
29
BitDefender for Mail Servers – Linux SMTP Relay
All the warning e-mails in case of infection will have the subject BitDefender found an infected object and will contain the name of the identified virus.
Note: If you want to send messages to more than just one mail recipient, these addresses must be separated by comma.
When you want to change an event (the mail recipient or the event type), press Modify. Select a new type of event, or specify a new e-mail address. Click Ok if you want to save the changes or Cancel if you want to keep the previous settings.
Note: To modify or delete an event it is necessary to click the field Event corresponding to that event and then press one of the buttons Modify or Remove. If you press the Remove button, the event will be removed without further warning.
At the end, click on Apply in order to save the changes.
30
BitDefender for Mail Servers – Linux SMTP Relay
Updating the product
BitDefender For Mail Servers was designed with a function for automatic update of the virus definitions. At the present time, the risk of getting infected increases, both because new viruses appear and the existing ones keep on spreading. The e-mail communication which is more and more used, has become a final factor in spreading the infection from one user to another. For example, the case of infection with mass mailers is well known. These viruses arrive by e-mail and replicate themselves by sending a copy to all the addresses from Address Book, spreading the infection without the user’s knowledge. Every 8 hours the update function is launched. It connects to the BitDefender upgrade server and in case new virus definitions are found, the update will be made transparently, without the administrator’s intervention, by downloading the files with the virus definitions. You can view the date and time the last check and update were made, by clicking the option BitDefender Update on the configuration bar. You will enter a section similar to the following:
31
BitDefender for Mail Servers – Linux SMTP Relay
The section contains 3 subsections: • • The subsection General information, containing the date and time of the last check and update. The subsection Update preferences that allows changing the update checking interval, as well as the update location. By default this is 8 hours. If you want to change it, type a new interval in the Check interval field. If you want to change the location for the upgrade, type a new one in the Update location field. In this subsection you will find the options for the product update configuration in case the company uses a proxy server with authentication. In this case, check the option Use proxy. The following options will be activated: Server – type in the IP of the proxy server; Port – type in the port the server uses to connect to the proxy server; User – type in a user name recognized by the proxy; Password – type in the valid password for the previously specified user; See the example below:
•
Status information shows the status of the update process.
Press the button Update now! if you wish to launch the update immediately. The application will contact the upgrade server and will update the definitions if any update is found. At the end, click on Apply in order to save the changes.
32
BitDefender for Mail Servers – Linux SMTP Relay
Viewing the reports and the statistics
BitDefender for Mail Servers automatically generates detailed reports and statistics. You have the possibility to view these reports by selecting the option Statistics from the configuration bar. These reports contain the following information: - the number of scanned objects; - the number of infected objects; - the number of disinfected objects; - the number of deleted objects;
Note: By objects we mean the number of e-mail messages and not the number of attached files.
33
BitDefender for Mail Servers – Linux SMTP Relay
Product registration
In order to ensure a proper functioning of the product and the scanning of the files, you must first register. In order to do this, click the option Register from the configuration toolbar.
The window offers information about the status of the product (registered or not) and the expiration date. There are few steps to follow in order to register the product: 1. 2. 3. 4. 5. Cick on the Register option from the Management Console; Slect the product from the module section; Tpe in the serial number in the selected area; Pess the Change Registration button; Click on the Apply button.
If the number is valid, then the status of the product changes to registered and the expiration date appears.
34
BitDefender for Mail Servers – Linux SMTP Relay
Server configuration
The protection configuration for the SMTP mail server is very simple. In order to enable the BitDefender protection, all you have to do is open the Management Console and click SMTP Proxy. In order to configure the protection to SMTP server level, the proxy settings and the security options must be first specified.
Configuring the proxy server
BitDefender behaves like a proxy server for the company's SMTP server. The way BitDefender was designed allows the configuration of the proxy settings to be made automatically or clearly by the administrator. In oder to configure the proxy server you must enter in the SMTP Proxy section from the configuration bar Automatic configuration - the proxy settings will be automatically identified by BitDefender. No additional configuration is necessary. All you have to do is simply click the option Automatic configuration in order to select it.
Note: The automatic configuration is possible only in case BitDefender was installed directly on the mail
server and not on another computer from the network.
Explicit configuration – in this case, the administrator must specify the proxy settings in the corresponding fields: • • • Listen on port : type in the port on which the proxy server, that is BitDefender, listens. Real SMTP server : type in the real SMTP server. Real SMTP port : in this field, it must be specified the real port on which the SMTP server listens.
Note: The explicit configuration is absolutely necessary when BitDefender wasn’t installed directly on the server, but on another network computer.
For example, let’s consider a case when BitDefender wasn’t installed directly on the server. In this case, we configured BitDefender so that it listened on the port 25, specified 194.102.234.6 to be the real SMTP server and the real SMTP port to be 25.
35
BitDefender for Mail Servers – Linux SMTP Relay
Configuring the security
You can establish certain restrictions regarding the e-mail domains and the network addresses that the proxy will recognize as valid for the mail traffic through the company's SMTP mail server. This is a protection measure against the spam attacks.
Notes: 1. In case you haven't specified any security restriction, all the messages will be recognized as invalid and will not be accepted, no matter their source and destination. 2. If you have specified some email domains, only the emails sent to those domains will be recognized as valid and will be delivered. 3. If you have declared a network domain, the outgoing emails from that domain will be delivered to their destination. 4. All the messages coming from an external source will be delivered only if their destination is an address of one of the domains introduced in the Email domain field. By external source we mean any e-mail originating from an IP address that doesn't belong to any of the network domains declared in the Network Address section.
The specification of the email domains is made in the section Email domain. In order to add email domains you must click on the button Add e-mail domain. The following window will appear:
I typed in the domain "first.softwin.ro" and clicked on Ok. At this moment, this domain will appear on the list with the email domains recognized by the proxy.
If you wish to modify a domain, you must first select it and then press Edit e-mail domain. Modify the settings and then press Ok. To delete a domain you must first select it and then press Remove e-mail domain.
36
BitDefender for Mail Servers – Linux SMTP Relay
The specification of the network domains is made on the section Network address. If you want to add new addresses, press Add net domain. Type the network addresses in the field Network Address and the network mask in the field Network mask, like in the example below:
Press Ok to save the settings. Thus all the network addresses that belong to the class specified above will be recognized and accepted by the proxy. The new net domain will appear on the list:
To modify the options for the network addresses, you must select the corresponding group of network addresses and click on Edit net domain. In order to delete a previously selected net domain, press Remove net domain. After configuring the proxy server, click on Apply in order to save the changes. This feature was designed in order to block unauthorised sending of confidential data outside the company. For example, if you want to limit a certain group of users to sending messages only to company addresses, you can leave them out of the Network Address list. These will be regarded as external sources.
37
BitDefender for Mail Servers – Linux SMTP Relay
Frequently Asked Questions
Installation
Q: What are the system requirements for running BitDefender for Linux Mail Servers? A: You will find them in the System requirements section. Q: Which version of BitDefender for Linux Mail Servers do I need? A: This depends on what MTA (email server) you use: Sendmail, Qmail, Postfix or another. For the first three, we have a specific version, and also a generic version (smtprelay) for most of the other servers. Q: Why are there .rpm, .deb and .tar packages? A: We created .tar packages for systems where the rpm or dpkg package manager is not available (Slackware, Gentoo, LFS). Q: How can I check if the installation kit is not corrupted? A: You need to run the command: sh ./BitDefender-postfix-{version}.{os}.{architecture}.{package type}.run --check The answer should be: Verifying archive integrity... MD5 checksums are OK. All good. If you get a different answer, please re-download the installation kit. Q: How do I compile the .tar package? A: The .tar package we provide are not source code - BitDefender is closed source software. They contain binaries, so there's no need to recompile, just unpack and install. Q: How do I install the package? A: Follow the instructions from the Install section.
Configuration
Q: Does BitDefender alter my server configuration? A: The server will be moved on port 10025. Q: I modify the bdsettings.xml, but when I shut down BitDefender, the modifications are lost! Why? A: Restarting the settings should not affect the file, but this can happen because sometimes Live module updates some values. In this case, you need to shut down BitDefender bdsettings.xml: - run "/opt/BitDefender/bin/bd stop" - edit ”bdsettings.xml” - run "/opt/BitDefender/bin/bd start" services before editing
Q: Where do I enter my serial number (license key) ? A: The product registration cand be made under both Linux and Windows. 38
BitDefender for Mail Servers – Linux SMTP Relay
Q: My mail server will not relay after I installed BitDefeder! A: By default, BitDefender for SMTP will not accept relays. Please edit the file bdsettings.xml, as described in the Agents section.
Use / Troubleshooting
Q: BitDefender does not catch viruses! A: Make sure that: - the product is installed and configured properly. - the product is not expired - the 30 evaluation days passed or the registration key you used is expired or incorrect. Q: I don't receive any warning, but the antivirus works. Why? A: On some systems, you need a valid email address for the sender. The default is root@localhost - this is not valid in all cases. Please change it to a "regular" email address, for example [email protected].
Updates
Q: How can I update the virus signatures database? A: By default, BitDefender will automatically update every 8 hours. But you can also update manually. Q: How can I tell if the virus signatures database is up to date? A: Run "/opt/BitDefender/lib/bdc --info" and check the number of signatures matched with the one here.
39
BitDefender for Mail Servers – Linux SMTP Relay
Contact information
SUPPORT DEPARTMENT: As a valued provider, SOFTWIN strives to provide its customers with an unparallel level of fast and accurate support. The Support Center listed below is continually being updated with the newest virus descriptions and answers to common questions, so that you obtain the necessary information in a timely manner. At SOFTWIN, dedication to saving its customers time and money by providing the most advanced products at the fairest prices has always been a top priority. Moreover, we think that a successful business is based on a good communication and a commitment to excellence in customer support. Clients department: [email protected] Technical support: [email protected] Phone: 0040-21-233 07 80 Address: SOFTWIN 5th Fabrica de Glucoza St. PO BOX 52-93 Bucharest, ROMANIA
40
Sponsor Documents
Recommended
No recommend documents