conect eset mail security to mailscanner for linux and configure

Mark Sapiro mark at msapiro.net
Fri Nov 25 21:12:06 UTC 2016


On 11/25/2016 12:59 PM, Edson Hernandez wrote:
> error, the correctly configuration  of  this line is:   
> 
> 
> esets                   /usr/lib/MailScanner/wrapper/esets-wrapper      
>                /opt/eset/esets/sbin


I'm sorry, I'm having great difficulty understanding what you're trying
to tell me.

The above line is exactly what's in /etc/MailScanner/virus.scanners.conf
as distributed. What's the error?


...
> [root at smtp /]# sudo MailScanner --lint


This seems OK.


> Trying to setlogsock(unix)
> 
> Reading configuration file /etc/MailScanner/MailScanner.conf
> Reading configuration file /etc/MailScanner/conf.d/README
> Read 1501 hostnames from the phishing whitelist
> Read 14954 hostnames from the phishing blacklists
> Config: calling custom init function SQLBlacklist
> Starting up SQL Blacklist
> Read 0 blacklist entries
> Config: calling custom init function MailWatchLogging
> Started SQL Logging child
> Config: calling custom init function SQLWhitelist
> Starting up SQL Whitelist
> Read 0 whitelist entries
> 
> Checking version numbers...
> Version number in MailScanner.conf (5.0.3) is correct.
> 
> Your envelope_sender_header in spamassassin.conf is correct.
> MailScanner setting GID to  (89)
> MailScanner setting UID to  (89)
> 
> Checking for SpamAssassin errors (if you use it)...
> Using SpamAssassin results cache
> Connected to SpamAssassin cache database
> pyzor: check failed: internal error, python traceback seen in response
> SpamAssassin reported no errors.
> Connected to Processing Attempts Database
> Created Processing Attempts Database successfully
> There are 2 messages in the Processing Attempts Database
> Using locktype = posix
> MailScanner.conf says "Virus Scanners = esets"
> Found these virus scanners installed: clamd, esets

MailScanner is finding both esets and clamd.


> ===========================================================================
> Filename Checks: Windows/DOS Executable (1 eicar.com)
> Filetype Checks: Allowing 1 eicar.com
> Other Checks: Found 1 problems
> Virus and Content Scanning: Starting
> Cannot lock /var/spool/MailScanner/incoming/Locks/esetsBusy.lock, No
> existe el fichero o el directorio at
> /usr/share/MailScanner/perl/MailScanner/SweepViruses.pm line 751


The above appears to be an issue with MailScanner. If you

touch /var/spool/MailScanner/incoming/Locks/esetsBusy.lock

and then ensure that file has the same ownership and mode as the other
files in /var/spool/MailScanner/incoming/Locks/, the "Cannot lock"
message will probably go away.

In any case,


> Esets::INFECTED::Eicar test file
> Virus Scanning: esets found 1 infections
> Infected message 1 came from 10.1.1.1
> Virus Scanning: Found 1 viruses
> ===========================================================================
> Virus Scanner test reports:
> Esets said "found Eicar test file in eicar.com"
> Esets Actions said "cleaned by deleting"
> Esets Additional Info said "none"


MailScanner invoked esets on the message and esets correctly found the
Eicar test file.


> If any of your virus scanners (clamd,esets)
> are not listed there, you should check that they are installed correctly
> and that MailScanner is finding them correctly via its virus.scanners.conf.
> Config: calling custom end function SQLBlacklist
> Closing down SQL Blacklist
> Config: calling custom end function MailWatchLogging
> Config: calling custom end function SQLWhitelist
> Closing down SQL Whitelist


-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


More information about the MailScanner mailing list