avast4mail license count and vpopmail

[Dublin]

hi,
the original configuration is designed for xinetd daemon and you probably use tcpserver tool instead.
In this case, you have to edit 'tcp.qmail-smtp' file comment out all ':allow' lines and add a new line:
IP_address:allow,QMAILQUEUE="/usr/bin/avastfilter"

to apply changes, run:
tcprules tcp.qmail-smtp.cdb tcp.qmail-smtp.tmp < tcp.qmail-smtp

then modify the owner and permissions of /var/lib/avastmail/tmp and /var/run/avastmail directories:
chown avmail:qmail /var/lib/avastmail/tmp
chmod 0770 /var/lib/avastmail/tmp
chown avmail:qmail /var/run/avastmail
chmod 0770 /var/run/avastmail

finally restart qmail


If you want to check standalone avastfilter, edit /etc/mail/avastfilter.conf file and leave MTIFACE option empty. This causes that avastfilter starts to work in STDIN/STDOUT mode. So you can run:
  % cat email.eml | avastfilter -f sender recipient

and then parse the output for avast X-Header.

Code: [Select]

I'm not certain about localdomains, is it required to enter all local domains? Well, than I have the next problem, 16 lines were not enough on a virtual qmail server using vpopmail.
no, list all scanned mailboxes in 'accounts' file in the form 'user@domain'

Code: [Select]

P.S.:  Another question: changing the contents of accounts .... requires a restart of avastd/qmail or nothing?no, you can't restart anything

[Dublin]

Code: [Select]

I checked all report files and found the reason: some specific kind of Trojans won't be recognized by AVAST: Trojan-Spy.HTML.Bankfraud.od.
I tried all config options: testfill, ignoretype, archivetype=A, no difference.avast! does't detect phishing code!
I think, users should be a little sophisticated and don't trust everything they received from the Internet.

Code: [Select]

Do you plan to enhance AVAST to recognize Bankfraud trojans, too?no, we don't.