ESET Antivirus for Linux
It is recommended that all Mailborder Master and Child servers have two virus scanners if possible. ESET NOD32 Desktop Antivirus or ESET File Server Security Antivirus suites are a low cost addition. You may install the ESET NOD32 Desktop software and use the trial at no charge. Both ESET 4.x and 7.x for Linux are supported.
The ESET File Server Security Antivirus is the preferred ESET add-on suite for use with Mailborder. The desktop solution will work, but requires a Linux GUI such as Gnome to install the software and exclusions must be added to the configuration.
*Note that if your server does not have a GUI such as Gnome installed, you cannot use the ESET NOD32 Desktop Antivirus as it requires a graphical installer.
*At the time of this writing the cost for an Eset license is $47 per year for one server or $190 per year for 5 servers. Mailborder Systems does not sell Eset licenses. It must be purchased directly from Eset or an authorized reseller.
ESET 7.x
Product: ESET File Server Security (7.x)
Official Help: EFS Linux Help
Installation
Download the installer and run the installation. The file is normally named efs.x86_64.bin.
chmod +x efs.x86_64.bin ./efs.x86_64.bin
Correcting the Library
Run this command to correct the symlink for the Eset library.
ln -sf /var/opt/eset/efs/lib /opt/eset/efs/sbin/cls/lib
Enabling the Web GUI
Run these commands to enable the web based interface. By default it uses port 9443. You will need this GUI to add the exclusions outlined below.
/opt/eset/efs/sbin/setgui --gen-cert /opt/eset/efs/sbin/setgui --enable
Configuration GUI default: https://your.hostname-here.tld:9443
License
You may install the license in the configuration GUI, but you may also install it via the command line. Below is the format replacing XXXX-XXXX-XXXX-XXXX-XXXX with your license code:
/opt/eset/efs/sbin/lic --key XXXX-XXXX-XXXX-XXXX-XXXX
Required Exclusions for Real-Time Protection
Important! Once in the web configuration GUI, make the below changes so Mailborder is not interrupted by the antivirus on-access monitor.
Left Menu > Setup > Detection Engine
Performance exclusions > Edit
Detection exclusions > Edit
Add these items:
/etc/mailborder/*
/srv/mailborder/*
/var/spool/mailborder/*
/usr/lib/mailborder/*
/var/lib/mailborder/*
/var/tmp/mailborder/*
Required: Disable Real-Time Protection
Note that real-time file system protection will interfere with the Mailborder services unless this service is disabled or Cleaning is disabled. Every email and attachment is scanned by the Mailborder software using virus scanners available on the server, so real-time protection is not required if this is a dedicated gateway. (It should be!)
Left Menu > Setup > Detection Engine > Real-time file system protection > Basic tab > Enable Real-time file system protection = off
Left Menu > Setup > Detection Engine > Real-time file system protection > Threatsense Parameters tab > Cleaning = no cleaning
How to Enable for use in Mailborder
To enable this virus scanner, edit the file /etc/mailborder/conf.d/engine.cf and add these lines:
x_enable_esets=yes x_esets=/opt/eset/efs/sbin/cls/cls
Note that if your installation location is different, you will need to set the appropriate path for the x_esets value.
ESET 4.x
Product: ESET File Server Security (4.x)
*Note that if your server does not have a GUI such as Gnome installed, you cannot use the ESET NOD32 Desktop Antivirus as it requires a graphical installer.
Recommended Settings
Installation location: /opt/eset/esets/
Real-time file system protection: Off or add directory exclusions*
* Note that real-time file system protection is extremely resource intensive and will interfere with the Mailborder services unless certain directories are excluded. Every email and attachment is scanned by the Mailborder software using virus scanners available on the server, so real-time protection is not required if this is a dedicated gateway. (It should be!)
Required Exclusions for Real-Time Protection
/etc/mailborder/*
/srv/mailborder/*
/var/spool/mailborder/*
/usr/lib/mailborder/*
/var/lib/mailborder/*
/var/tmp/mailborder/*
How to Enable for use in Mailborder
To enable this virus scanner, edit the file /etc/mailborder/conf.d/engine.cf and add this line:
x_enable_esets=yes
The default install local is /opt/eset/esets/sbin/esets_scan. If you used a different install location, also add this line to the engine.cf file:
x_esets=/path/to/file/esets_scan