Author Topic: avast4mail license count and vpopmail  (Read 12223 times)

0 Members and 1 Guest are viewing this topic.

Dublin

  • Guest
Re: avast4mail license count and vpopmail
« Reply #15 on: August 28, 2006, 02:48:31 PM »
hi,
the original configuration is designed for xinetd daemon and you probably use tcpserver tool instead.
In this case, you have to edit 'tcp.qmail-smtp' file comment out all ':allow' lines and add a new line:
IP_address:allow,QMAILQUEUE="/usr/bin/avastfilter"

to apply changes, run:
tcprules tcp.qmail-smtp.cdb tcp.qmail-smtp.tmp < tcp.qmail-smtp

then modify the owner and permissions of /var/lib/avastmail/tmp and /var/run/avastmail directories:
chown avmail:qmail /var/lib/avastmail/tmp
chmod 0770 /var/lib/avastmail/tmp
chown avmail:qmail /var/run/avastmail
chmod 0770 /var/run/avastmail

finally restart qmail


If you want to check standalone avastfilter, edit /etc/mail/avastfilter.conf file and leave MTIFACE option empty. This causes that avastfilter starts to work in STDIN/STDOUT mode. So you can run:
  % cat email.eml | avastfilter -f sender recipient

and then parse the output for avast X-Header.


Code: [Select]
I'm not certain about localdomains, is it required to enter all local domains? Well, than I have the next problem, 16 lines were not enough on a virtual qmail server using vpopmail.
no, list all scanned mailboxes in 'accounts' file in the form 'user@domain'


Code: [Select]
P.S.:  Another question: changing the contents of accounts .... requires a restart of avastd/qmail or nothing?no, you can't restart anything

Dublin

  • Guest
Re: avast4mail license count and vpopmail
« Reply #16 on: August 28, 2006, 03:17:48 PM »
Code: [Select]
I checked all report files and found the reason: some specific kind of Trojans won't be recognized by AVAST: Trojan-Spy.HTML.Bankfraud.od.
I tried all config options: testfill, ignoretype, archivetype=A, no difference.
avast! does't detect phishing code!
I think, users should be a little sophisticated and don't trust everything they received from the Internet.

Code: [Select]
Do you plan to enhance AVAST to recognize Bankfraud trojans, too?no, we don't.
« Last Edit: August 28, 2006, 03:21:59 PM by dublin »