ESET File Security

Phil Daws uxbod at splatnix.net
Tue Sep 23 10:47:53 IST 2014 

Paul: 

that is very interesting indeed. How does licensing work for a mail server ? Have been looking for a mainstream commercial solution to compliment our AV/AS packages.

Thanks, Phil

----- Original Message ----- 
From: "Paul Welsh" <paul at welshfamily.com> 
To: "MailScanner discussion" <mailscanner at lists.mailscanner.info> 
Sent: Tuesday, 23 September, 2014 12:01:47 AM 
Subject: ESET File Security 

Just to share my findings of ESET File Security with MailScanner 4.84.5 in case anyone's interested in using it. 

I got hold of a 30 day trial from http://www.eset.co.uk/Trial/Business?Product=LFS and have only installed it tonight so early days but was a breeze to install and appears to work fine. 

It appears to be licensed per server for £83 per year with a good discount for 2 and 3 year licences - see https://shop.eset.co.uk/Store/File-Security 

Installed it by downloading the software and manual from http://www.eset.co.uk/Download/Software/Product/LFS 

Installation on my CentOS 6.5 x64 box was simply a case of: 
sh ./esets.x86_64.rpm.bin 
then registering it with the licence file they sent: 
/opt/eset/esets/sbin/esets_lic --import /home/admin/NOD32.lic 
and editing the file /etc/opt/eset/esets/esets.cfg to add my username and password: 
av_update_username = 
av_update_password = 

At this point I could scan a directory: 
/opt/eset/esets/sbin/esets_scan /root 

I manually updated it, though not needed as it happened: 
/opt/eset/esets/sbin/esets_update 

The /etc/MailScanner/virus.scanners.conf file needed a small tweak: 
esets /usr/lib/MailScanner/esets-wrapper /opt/eset/esets/sbin 

I then tested without a problem: 
/usr/lib/MailScanner/esets-wrapper /opt/eset/esets/sbin /root 

I scanned another directory and got the following results. Very quick: 
Scan started at: Mon 22 Sep 2014 10:32:17 PM BST 
Scan completed at: Mon 22 Sep 2014 10:32:17 PM BST 
Scan time: 0 sec (0:00:00) 
Total: files - 39, objects 39 
Infected: files - 0, objects 0 
Cleaned: files - 0, objects 0 

Bitdefender took 25 seconds. OK, no daemon with bitdefender but a startling difference. Clamscan with clamd running took 7.5 seconds, f-prot took 1.25 seconds. 

I sent the eicar test file within the body of a message and eset captured it. The message wasn't delivered and instead the recipient got the text file with: 
esets: Found virus Eicar test file in msg-2635-1.txt 

I tried MailScanner.conf with the following and it worked each time: 
Virus Scanners = esets 
Virus Scanners = esets f-prot-6 
Virus Scanners = esets f-prot-6 clamd 

MailScanner's esets updater seems to work: 
Sep 22 23:09:32 mail update.virus.scanners: Found esets installed 
Sep 22 23:09:32 mail update.virus.scanners: Running autoupdate for esets 
Sep 22 23:09:55 mail esets-autoupdate[4734]: esets updated 

As per previous messages, I've found that the clamd daemon starts falling over after a few weeks with only a reboot resetting it. Memory leak? 

AVG, I found, looks like it works but delivers infected messages. 

I've 30 days to see if eset is more reliable. 

Oh, one other thing. ESET has 2 daemons: 
# ps -C esets_daemon 
PID TTY TIME CMD 
669 ? 00:00:00 esets_daemon 
671 ? 00:01:04 esets_daemon 


-- 
MailScanner mailing list 
mailscanner at lists.mailscanner.info 
http://lists.mailscanner.info/mailman/listinfo/mailscanner 

Before posting, read http://wiki.mailscanner.info/posting 

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list