|
Installation Instructions |
|
- Execute the downloaded script: /bin/sh nod32lms-*.bin
- Press Enter and read the Licence Agreement
- If you accept it, press 'y'
- You will find a package/archive in the current directory, install as usual using rpm, dpkg or extracting
|
|
NOD32 for Linux & BSD Mail Servers |
|
NOD32 for Linux Mail Servers is the best
antivirus system for e-mail servers running under the Linux
operating system. Its unsurpassed scanning speed and detection rate,
combined with its very small footprint make NOD32 the ideal choice.
From lower-powered, small office mail servers to enterprise-class
ISP mail servers with thousands of users, NOD32 for Linux Mail
Servers delivers the performance and scalability you expect from a
Linux-based solution, and the unmatched security of NOD32. |
|
Key Features Include
- User-friendly installation and simple configuration.
- MTA-independent solution (mail server independent).
- Unpacks archived e-mail attachments without the need for any
external programs.
- Scanning requests are sent to the running daemon for
increased speed and efficiency.
- Various levels of logging can be configured.
- Does not require external libraries or programs except for
libc.
- Supports writing infiltration information into e-mail
header, footer and subject
- Multi-threaded
- Flexible setup of scanning parameters allows a different
configuration for each mailbox (account) via SQL database, LDAP,
or Radius server.
System Requirements
- OS Linux (Kernel 2.2.x, 2.4.x and 2.6.x, glibc 2.2.5
orhigher)
- Mail Transport Agent (e.g.: postfix, sendmail, qmail, exim,
etc.)
- Mail Delivery Agent (e.g.: maildrop, procmail, deliver,
local.mail)
- 5MB hard-disk space and 8MB RAM (does not include the mail
server memory requirements)
Distribution Packages
- RedHat RPM
- Mandrake RPM
- Suse RPM
- Debian RPM
- Other Linux, via generic API in TGZ format
- FreeBSD Unix via TGZ format
|
|
System Architecture
The system consists of two modules: the SMTP
filter for outbound messages, and the MDA wrapper for inbound
messages, both described below. The SMTP filter acts as a mail
server performing antivirus scanning. Before a mail message is
dispatched, the NOD32 antivirus daemon (nod32d) checks it for the
presence of virus infections. If a virus is detected, it is stopped,
or an alternative action is triggered based on the current setup
parameters. The SMTP filter works with one global configuration for
all mailboxes and e-mail addresses, in contrast to the MDA wrapper
described below. The MDA wrapper is activated like a standard MDA (maildrop,
procmail, etc.). It intercepts e-mail, scans it with the nod32d
daemon and, based on the scanning results, triggers a predefined
action. If no infection is detected, the message is forwarded to the
standard MDA, which delivers the message into proper mailbox. An
individual set of parameters for each mailbox is supported. |
|
NOD32 for Linux & BSD
Servers FAQ
What's new?
Single download package for mail and file servers
New license key feature
AMaViS integration documentation
New 2nd option for on-access scanning
Sample submission system
X- header modification
Multi-processor support
Improved stability
Configuration settings by individual account
How do I upgrade?
Backup your settings in the directory /etc/nod32 (or /etc/opt/eset/nod32)
To upgrade: uninstall all nod32lms, nod32lfs, nod32lup versions,
install nod32ls
(nod32.cfg is backwards compatible)
How long will the old version be supported?
We support the last two versions.
If the mail and file server versions are in the same
package, do I get both?
The mail and file server versions of NOD32 are still licensed
separately, and
each will require a key file for that part to work.
How does the new licensing work?
Your username and password are required to download updates (like
before)
but you must copy your license file to /etc/nod32/license, (or
/etc/opt/eset/nod32/license) prior to starting the daemon.
What happens if my NOD32LS license expires?
nod32d won't start or will die in restart.
You won't be able to download updates.
Known issues?
Dazuko doesn't support ON_CLOSE events on Linux kernels 2.6.x
Multi-threaded Dazuko is not working on FreeBSD.
One of the new features is configuration by individual mail
account. Where can I get
documentation on how to do that?
See the nod32.cfg(5) manual page, under the section USER SPECIFIC
CONFIGURATION. |
|
Changelog |
|
Version 3.0.15
- fixed some RTP archives unpacking
- fixed notification scripts for FreeBSD
- updated manual pages
- esets_dac(EFS): fixed deadlock on FreeBSD
|
|
Version 3.0.14
- fixed RA client password login to RA server
- fixed license loading in Turkish locale
- fixed memory leak in ThreatSense.NET
- esets_wwwi: enhanced statistics
- esets_smfi (EMS): using also server's Received header
for spam recognition
- esets_http (EGS): URL whitelist
|
|
Version 3.0.13
- esets_http (EGS): fixed premature interrupt of
connections
|
|
Version 3.0.12
- http server for modules local mirror
- changed default of av_clean_mode from rigorous to
standard
- esets_daemon: changed settings for ThreatSense.NET
- esets_imap (EMS): corrected performance with Mozilla
Thunderbird
- esets_http (EGS): fixed threat log in virus notification
e-mail
- esets_http, esets_icap (EGS): optimized URL blocking
cache
|
|
Version 3.0.11
- support for FreeBSD 7
- added system dependencies into 64-bit rpm packages
- fixed listing of network interfaces with unknown
addresses
- esets_daemon: fixed license issue for EAV BE
- esets_daemon: continuing even after failed first-time
anti-spam modules update
- esets_daemon: fixed startup with only expired licenses
- esets_cgp (EMS): CommunigatePro filter
- esets_scan (EFS): supported ADS scanning
- esets_scan (EFS): activity indicator for pipe/file
output
- esets_icap, esets_http (EGS): fixed URL blocking cache
- esets_ssfi (EGS): added man page
- esets_wwwi: quarantine support
- esets_wwwi: updated php to 5.2.8
- esets_quar: fixed samples sending and listing, new
option: --list-fmt
- esets_quar: supported separate quarantine for all users
- esets_inst: enhanced compatibility with qmail
|
|
Version 3.0.10
- revisited products documentation
- esets_daemon: fixed memory leak
|
|
Version 3.0.9
- fixed definition of groups of modules for mirror
- esets_daemon: corrected algorithm for loading of the new
modules
- esets_update: corrected first time update
- esets_scan (EFS): fixed definition of multiple excludes
- esets_scan (EFS): no first time update required
|
|
Version 3.0.8
- esets_daemon: no Internet access required for
initialization
- esets_daemon, esets_update: fixed invalid
username/password issue for update
|
|
Version 3.0.7
- esets_daemon: fixed Remote Administration client reload
on Solaris
- esets_daemon: fixed unfinished scanlogs sending by
Remote
Administration client on Solaris
- esets_daemon: secured communication socket removal
- esets_daemon, esets_update: corrected groupadd and
useradd
- esets_daemon: suppressed long timeouts when terminating
- esets_daemon: fixed samples submission system reload
- esets_wwwi: fixed esets_daemon reload on Solaris
- esets_update: added verbose actualization process output
- esets_scan (EFS): fixed file scanning on read-only
filesystems
|
|
Version 3.0.6
- added checking of user specified TMPDIR environment
variable
- support for MAILBOX format scanning
- esets_daemon: fixed ESETS_RECIPIENT environment variable
- esets_inst: added full paths of Postfix binary files
- esets_update: fixed parsing of update.ver info file
- esets_wwwi: fixed relocation error on Solaris
- esets_wwwi: corrected excesive back slashes
- esets_wwwi: added product version check
- esets_http (EGS): support for multipart content type
scanning
- esets_dac (EFS): fixed handling of big files (> 2GB)
|
|
Version 3.0.5
- corrected esets user switching
- enhanced compatibility of Remote Administration client with
Solaris
- fixed higher memory consumption of daemon agents
- esets_update: corrected defaults setting
- esets_scan (EFS): enhanced filename character encoding of
scanned objects
- esets_icap (EGS): ICAP server for scanning HTTP messages
- esets_wwwi: added login/logout control
|
|
Version 3.0.4
- esets_daemon: added control of syntax errors in main
configuration file
- esets_daemon: added anti-virus scanning limits for
maximum object size and for maximum object size in
self-extracting archives
- esets_wwwi: enhanced compatibility with Solaris
- esets_smtp (EMS): correction of TLS support in MTA
Postfix
- esets_scan (EFS): fixed automatic scan of local disks
(command line option '--auto')
- esets_scan (EFS): correction of multiple directories
exclusion
- esets_scan (EFS): fixed Remote Administration client
logging
|
|
Version 3.0.3
- Fixed antispam scanning for unprivileged daemon
- Fixed antispam loading on 64-bit Debian
- Fixed package extraction on Solaris
- Fixed non-english messages
- Updated PHP to version 5.2.6
|
|
Version 3.0.2
- technology ThreatSense v3.0
- configuration, logging and handle object policy rewritten
- added Remote Administration client
- additional supported OS: NetBSD 4, Solaris 10
- support for 64-bit Linux OS: native binaries (except
esets_daemon)
- esets_http (EGS) - support for non-transparent ftp scanning
- esets_ftp (EGS) - added huge object handling
- esets_zmfi (EMS) - ZMailer's content-filter
- libesets_pac (EFS) - available for all platforms
|
|
Version 3.0.1
- 64bit systems support
- Added possibilty to run ESET components under user accounts
instead of superuser account
- Added support of FTP communication scanning in manual HTTP
proxy mode
|
|
2.71.12
- esets_daemon: added information USERSPEC into daemon log
and daemon notification script
- esets_daemon: correction of infiltrations information
passed to agents
- esets_cli (EMS): correction of action evaluation when
multiple files scanned
- esets_ssfi.so (EGS): support for SafeSquid of version
4.2 and higher
- esets_http (EGS): support of CONNECT method for user
defined ports
|
|
2.71.11
- esets_smfi (EMS): implementation of predefined response
of server using SetReply.
- esets_http (EGS): correction of deleted objects handling
|
|
2.71.10
- esets_http (EGS): correction of not scanned objects
handling
|
|
2.71.9
- esets_ftp (EGS): correction of random stuck of passive
connection when STOR command used
|
|
2.71.8
- new product ESET Gateway Security (EGS)
- existing products NOD32LMS and NOD32LFS were renamed to
ESET Mail Security (EMS)
- and ESET File Security (EFS)
- antispam engine (EMS)
- esets_daemon: periodic update of antivirus and antispam
databases
- esets_update: update utility
- esets_imap, esets_pop3 (EMS): IMAP and POP3 filters
- esets_http, esets_ftp, esets_ssfi.so (EGS): HTTP, FTP
filters
- and SafeSquid plugin
- esets_wwwi: web administration interface
- esets_lic: license utility
- esets_setup, esets_inst: user-friendly system integrator
|
|
2.70.11
- Compatibility with 64-bit Debian OS
|
|
2.70.10
|
|
2.70.9
|
|
2.70.8
|
|
2.70.7
- nod32d: Fixed bug with opening files in quarantine
|
|
2.70.6
- nod32d: Fixed bug in memory allocation/deallocation with
connections established through a proxy server
|
|
2.70.5
- nod32update: Fixed starting of nod32umc and nod32upd.
|
|
2.70.4
- nod32update: Fixed issue with download timeout.
- nod32d: Improved signal handling regarding download
functionality.
- nod32set: Automatic section creation, if not exists.
|
|
2.70.3
- nod32d, nod32update: More accurate waiting on update
completion, fixed bug in memory freeing.
- nod32update: Fixed issue in finding directory with binary
executables.
- nod32smtp (LMS): Mail's header pollution bugfix.
|
|
2.70.1
- nod32d - Added support for scanning of unwanted
applications.
- nod32d - Added functionality to update and reload anti-virus
modules.
- Added possibility to define scanner parameters individually
according to the client/server identification.
- Added possibility to define update parameters via main
configuration file.
- More evaluated product installation mechanism. The
installation package does not contain NOD32 modules any more.
These are downloaded during the product first initialization
stage, if necessary. The package installation process is more
user friendly now.
- nod32d - Enhancement of the license expiration warning
functionality.
The mechanism does not block the scanned objects processing
after license expiration, only deactivates the anti-virus
scanning functionality and starts sending the expiration report
notification about scanner deactivation to system administrator.
- Command line interface testing functionality of NOD32 agent
modules is fully replaced by the testing functionality using
agent identification parameter 'aid'.
- Added information about virus database version into the
e-mail header X-NOD32Result.
- Fixed bug in quarantine initialization.
- nod32umc - correct implementation of modules download
timeout
- Fixed bug in Samples Submission System cache.
- nod32smtp - Fixed bug in requests vs responses
synchronization.
- Major changes in documentation.
|
|
2.52.6
- nod32smfi - Fixed bug in selective configuration setting of
scanner using
client/server specification from nod32smfi agent module.
- nod32smfi - Fixed bug in nod32smfi process manager.
|
|
2.52.5
- nod32d - Better parsing of e-mail headers incorrectly
separated from e-mail body.
- nod32d - Fixed bug in thread manager.
|
|
2.52.2
- Higher efficiency of resident agent modules based on
implementation of 1 vs N (threads vs client/server connections)
model.
- Better system coordination based on maintenance of all
resident agent modules services by using main system daemon
'nod32d'
(Start of resident agent modules is controlled by parameters 'agent_enabled'
of the main NOD32 configuration file.)
- Unified logging system of all the modules.
- Implementation of nod32set module to provide comfortable
modifications of NOD32 configuration file.
- Update of the product documentation (changed structure, new
information).
- End of the produkt developement for FreeBSD OS version 4.X.
(technical support stays for NOD32BMS 2.51.x). The reason is
insufficient support of libc.so.4 library used in FreeBSD OS
version 4.x.
|
2.51.8
- support for e-mail headers of Zmailer
|
2.51.7
- nod32smfi - fixed bug in headers handling
- fixed bug in state of scan (clean vs. not scanned)
- correct handling of restart statement within initialization
scripts of deb packages
|
2.51.6
- fixed parsing in e-mail header for logs
- fixed bug in state of scan (clean vs. not scanned)
|
2.51.4
- Performance improvements in NOD32MDA
- Minor bug fixes in NOD32MDA
|
2.51.1 |
- Implementation of maximum archives descension level of scanner.
- Implementation of maximum scanning time (soft limit).
- Implementation of maximum unpacked archive size limit.
- Quarantine functionality implementation.
- Scanning system actions replaced by action_on_infected, action_on_uncleanable, action_on_notscanned, with enhanced functionality (clean, delete, accept, defer, discard, reject).
- Q-mail filter support enhanced (nod32pipe, nod32mda) including content filtering.
- Pipelined SMTP communication support in nod32smtp.
- Support for logrotate of internal daemon logging output.
- nod32umc: selective download of groups of component modules.
- Samples submission system re-implemented as individual process automanaged by main daemon.
- License expiration warning mechanism added.
- Better temporary files handling.
- Daemon--agent communication stability fixed.
- Support for scanning of uuencoded messages.
- nod32cli - writes infiltration name into the stdout.
|
2.15 |
- nod32d - memory allocation problems in archives support fixed
- nod32d - support for selfextracting archives added
|
|
2.14 |
- nod32d - logging format changed (nod32 build module number 'vdb' added)
- nod32d - memory allocation problems fixed
- nod32umc - return values problem fixed
- enhanced nod32lms documentation
- rpm package for RedHat Ready and (Novell) SuSE Ready added (package nod32lms-rsr reflects specifications: RedHat Ready at http://www.redhat.com/solutions/partners/rhrp and SuSE Ready at http://www.novell.com/partners/isvihv/ready)
- nod32cli - initial version of nod32 command line intreface agent
|
|
2.13 |
- support for Linux Kernel 2.6.x
- nod32upd (possibility to create mirror even if base directory is not defined)
- nod32smfi (abort of SMTP session fixed)
- footnote not written for digitally signed e-mails
|
|
2.12 |
- nod32smfi - memory allocation problems fixed
- nod32d - logging of communication between daemon and agent (level debug)
- guide.us.txt - documentation improved
|
|
2.11 |
- nod32smfi as Sendmail's Content Filter added
|
|
2.10 |
- nod32d (logging format changed)
- nod32unc (possibility of obsolete modules removal)
|
|
2.09 |
- nod32d (zombie processes creation fixed)
|
|
2.08 |
- nod32smtp (interpretation of nod32d return status "not scanned " fixed)
- nod32d (new logging level introduced - "full")
- nod32d (logging via syslog facility)
|
|
2.07 |
- nod32smtp (interpretation of nod32d return status "deleted" fixed)
- nod32d (header and footer insertion into e-mail footnote corrected)
|
|
2.06 |
|
|
2.05 |
|
|
2.04 |
- update via http-proxy with basic authentication supported
- multiple levels of logging in update mirror creator
- status deleted added into header and subject info
|
|
2.03 |
- support for downloading NOD32 Version 2 updates (packed worm scanner module)
|
|
2.01 |
- notification
- possibility to write infiltration information into e-mail header
|
|
2.00 |
- support for downloading NOD32 Version 2 updates (including archive module and other modules)
- advanced heuristics for Win32 worms
- multiple levels of logging
- possibility to write infiltration information into email footer and subject
- enhanced configurability
|
|