ESET Antivirus for Linux

It is recommended that all Mailborder Master and Child servers have two virus scanners if possible. ESET NOD32 Desktop Antivirus or ESET File Server Security Antivirus suites are a low cost addition. You may install the ESET NOD32 Desktop software and use the trial at no charge. Both ESET 4.x and 7.x for Linux are supported.

The ESET File Server Security Antivirus is the preferred ESET add-on suite for use with Mailborder. The desktop solution will work, but requires a Linux GUI such as Gnome to install the software and exclusions must be added to the configuration.

*Note that if your server does not have a GUI such as Gnome installed, you cannot use the ESET NOD32 Desktop Antivirus as it requires a graphical installer.

*At the time of this writing the cost for an Eset license is $47 per year for one server or $190 per year for 5 servers. Mailborder Systems does not sell Eset licenses. It must be purchased directly from Eset or an authorized reseller.

Product: ESET File Server Security (7.x)

Official Help: EFS Linux Help

Installation

Download the installer and run the installation. The file is normally named efs.x86_64.bin.

chmod +x efs.x86_64.bin
./efs.x86_64.bin

Correcting the Library

Run this command to correct the symlink for the Eset library.

ln -sf /var/opt/eset/efs/lib /opt/eset/efs/sbin/cls/lib

Enabling the Web GUI

Run these commands to enable the web based interface. By default it uses port 9443. You will need this GUI to add the exclusions outlined below.

/opt/eset/efs/sbin/setgui --gen-cert
/opt/eset/efs/sbin/setgui --enable

Configuration GUI default: https://your.hostname-here.tld:9443

License

You may install the license in the configuration GUI, but you may also install it via the command line. Below is the format replacing XXXX-XXXX-XXXX-XXXX-XXXX with your license code:

/opt/eset/efs/sbin/lic --key XXXX-XXXX-XXXX-XXXX-XXXX

Required Exclusions for Real-Time Protection

Important! Once in the web configuration GUI, make the below changes so Mailborder is not interrupted by the antivirus on-access monitor.

Left Menu > Setup > Detection Engine

Performance exclusions > Edit
Detection exclusions > Edit

Add these items: 

/etc/mailborder/*
/srv/mailborder/*
/var/spool/mailborder/*
/usr/lib/mailborder/*
/var/lib/mailborder/*
/var/tmp/mailborder/*

Required: Disable Real-Time Protection
Note that real-time file system protection will interfere with the Mailborder services unless this service is disabled or Cleaning is disabled. Every email and attachment is scanned by the Mailborder software using virus scanners available on the server, so real-time protection is not required if this is a dedicated gateway. (It should be!)

Left Menu > Setup > Detection Engine > Real-time file system protection > Basic tab > Enable Real-time file system protection = off
Left Menu > Setup > Detection Engine > Real-time file system protection > Threatsense Parameters tab > Cleaning = no cleaning

How to Enable for use in Mailborder

To enable this virus scanner, edit the file /etc/mailborder/conf.d/engine.cf and add these lines:

x_enable_esets=yes
x_esets=/opt/eset/efs/sbin/cls/cls

Note that if your installation location is different, you will need to set the appropriate path for the x_esets value.

Product: ESET File Server Security (4.x)

*Note that if your server does not have a GUI such as Gnome installed, you cannot use the ESET NOD32 Desktop Antivirus as it requires a graphical installer.

Recommended Settings

Installation location: /opt/eset/esets/

Real-time file system protection: Off or add directory exclusions*

* Note that real-time file system protection is extremely resource intensive and will interfere with the Mailborder services unless certain directories are excluded. Every email and attachment is scanned by the Mailborder software using virus scanners available on the server, so real-time protection is not required if this is a dedicated gateway. (It should be!)

Required Exclusions for Real-Time Protection

/etc/mailborder/*
/srv/mailborder/*
/var/spool/mailborder/*
/usr/lib/mailborder/*
/var/lib/mailborder/*
/var/tmp/mailborder/*

How to Enable for use in Mailborder

To enable this virus scanner, edit the file /etc/mailborder/conf.d/engine.cf and add this line:

x_enable_esets=yes

The default install local is /opt/eset/esets/sbin/esets_scan. If you used a different install location, also add this line to the engine.cf file:

x_esets=/path/to/file/esets_scan