Kaspersky SMTP-Gateway 5.5 for Linux/Unix scans SMTP mail traffic for viruses. The solution is a fully functional mail relay which meets IETF RFC standards, and runs under Linux, FreeBSD and OpenBSD.
The solution:
scans all incoming and outgoing mail messages, including attached objects and message body, for viruses.
detects infected, suspicious, damaged and password protected attached files and message body.
cures infected mail message objects.
provides additional filtering of mail traffic by attached file name and MIME type and applies separate processing rules to objects filtered out of the mail traffic.
archives all sent and received messages, if this is specified in the security rules.
deflects hacker attacks, reduces the volume of unsolicited correspondence received, and prevents the mail server application from being used as an open mail relay for unsanctioned mass mailing.
reduces server load by using the appropriate program configuration and SMTP parameters.
notifies the sender and recipient of mail messages which contain infected, suspicious or damaged objects. Notification can also be sent to the administrator.
can move infected, suspicious or damaged objects to the quarantine directory and the backup directory.
updates anti-virus databases from the Kaspersky Lab update servers. Anti-virus databases are used to detect and cure infected files. Signatures contained in the databases are used to analyze files, the contents of files being compared to virus code. If a file is infected, the solution will cure it.
uses standard system management tools (command line parameters, signals, and modification of the application configuration file) for configuration and monitoring of Kaspersky SMTP-Gateway. The Webmin web interface administration program can be used for remote configuration and monitoring.
monitors protection status, and provides program statistics and reports.
The solution is made up of the following components:
smtpgw - the anti-virus protection component, which provides scanning, cure, movement to quarantine etc. of mail messages entering via the server.
licensemanager - for installation, deletion, and viewing of statistics related to licensing keys.
KeepUp2Date - the update component used to download updates from the Kaspersky Lab update server.
Webmin-module - for remote administration of the solution. The component makes it possible to configure and manage anti-virus database updates, view statistical information, configure scanning parameters according to object status, and monitor the running of the application.
One of the following operating systems:
Red Hat Enterprise Linux Advanced Server 3;
Red Hat Linux 9.0;
Fedora Core 3;
SuSE Linux Enterprise Server 9.0;
SuSE Linux Professional 9.2;
Debian GNU/Linux 3.0r3;
Mandrakelinux 10.1;
FreeBSD 4.10, 5.3;
OpenBSD 3.6.
Other:
Perl interpreter, version 5.0 or higher (www.perl.org) and the which utility to install the application.
Webmin (www.webmin.com) version 1.070 or higher to install the remote administration module (optional).
Bare LF appeared sometimes in the resulting messages after processing. This was fixed, in order to eliminate incompatibility with qmail. For more details, see: http://cr.yp.to/docs/smtplf.html
Diagnostics messages in the application log were reviewed and clarified.
Conformance to SMTP protocol was improved in handling SMTP-errors.
Some errors in the application code which led to unstable work under high load and on MP servers were fixed.
Processing of rules defined in the ConnectRule, HeloRule, MailfromRule and Relay Rule settings was fixed and clarified.
Webmin-module revised.
Administrator's Manual revised.
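The bare-LF fix listed above can be checked on any message the relay emits. The following Python sketch is an added example, not code from the product: it locates bare LF and bare CR bytes in a raw message and rewrites them as CRLF. The sample message is constructed for illustration.

```python
# Added example: find line endings that are not a proper CRLF pair.
import re

# LF not preceded by CR, or CR not followed by LF.
_BARE = re.compile(rb"(?<!\r)\n|\r(?!\n)")


def find_bare_line_endings(raw: bytes):
    """Return (offset, line_number, kind) for every bare CR or bare LF.

    line_number counts CRLF-terminated lines only, which is how a strict
    SMTP receiver splits the message.
    """
    findings = []
    for m in _BARE.finditer(raw):
        kind = "bare LF" if m.group() == b"\n" else "bare CR"
        line_no = raw.count(b"\r\n", 0, m.start()) + 1
        findings.append((m.start(), line_no, kind))
    return findings


def normalize_line_endings(raw: bytes) -> bytes:
    """Rewrite each bare CR or bare LF as CRLF; existing CRLF is untouched."""
    return _BARE.sub(b"\r\n", raw)


# Constructed sample: one bare LF in the headers, one bare CR in the body.
SAMPLE = (
    b"From: a@example.com\r\n"
    b"Subject: test\n"
    b"\r\n"
    b"body line one\r\n"
    b"body line two\rmore\r\n"
)

if __name__ == "__main__":
    for offset, line_no, kind in find_bare_line_endings(SAMPLE):
        print(f"{kind} at byte {offset} (CRLF line {line_no})")
    fixed = normalize_line_endings(SAMPLE)
    print("clean after normalization:", not find_bare_line_endings(fixed))
```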
Kaspersky SMTP-Gateway 5.5 Maintenance Pack 1 has been enhanced with the following additional features as compared with version 5.5 Release:
More than one successive dot ('.') symbol in the local part (user name) of mailbox specifications in SMTP commands is now explicitly allowed.
If the recipient is an Exchange 2000/2003 mailbox, messages may sometimes not be shown to the recipient. Exchange 2000/2003 relies on its store's duplicate detection. For more details, see http://support.microsoft.com/default.aspx?scid=kb;en-us;269408. This behaviour may be experienced when sending messages from quarantine, backup storage or archive to their original recipients, or when a message is addressed to several recipients that have mailboxes on the same store.
By default, Exim mail servers do not advertise support for the 8bit-MIME extension. The application does not deliver messages with 8bit contents to such mail servers. Receipt of such messages should be enabled in the Exim settings as follows: add the string accept_8bitmime = yes to the main section of the Exim configuration file.
There may be problems during delivery of messages to a remote mail server that uses greylisting with timeouts that are too short. It is recommended to enter lower values for the MinimalBackoffTime and MaximalBackoffTime application settings, or to add a separate line for such a remote server in the ForwardRoute setting in the application configuration file.
Temporary SMTP errors (421 4.4.1 Communication error) may occur during delivery of messages to a remote mail server that, in defiance of RFC 2821, prematurely terminates the connection after a permanent error (5xx) is initiated. That is not an error.
The kltlv utility, which is included in the application package and intended for checking notification templates, verifies template syntax only. It does not validate the names of macro variables in a template.
Webmin - There are problems with installing Webmin modules on systems that use the Webmin package bundled with Debian GNU/Linux 3.0r3. It is recommended to update the Webmin software before installing the product.
Webmin module - The application does NOT restart automatically after modification of its configuration settings within Webmin. In order to apply the changes, the restart button in the "AV Run" tab should be used.
We recommend the following method for upgrading the application version 5.0 to 5.5:
1. Suspend receipt of e-mail messages using the recv-off command of the application control script.
2. Wait until the application sends to recipients all messages from its working queue (specified as the QueuePath parameter value in the [smtpgw.path] section of the configuration file). Should you fail to do so, all received unsent messages from the working queue will be lost.
3. Save the application configuration file and notification templates if they have been modified or created by the administrator while working with version 5.0.
4. Uninstall application version 5.0 using the method described in the included Administrator's Manual. If the application Webmin-module has been installed, it should be removed using Webmin administration tools.
5. Install application version 5.5 using the method described in the included Administrator's Manual. Perform the post-install setup procedure, which will generate the application configuration file.
6. If necessary, apply to the new application configuration file the modifications made by the administrator while working with version 5.0.
The distribution package of the application version 5.5 includes a special script intended for automatic transfer (import) of parameter values from the 5.0 application configuration file, whenever they differ from the default values.
The script is located in:
/opt/kav/5.5/smtpgw/setup/ - on Linux,
/usr/local/share/kav/5.5/smtpgw/setup/ - on FreeBSD and OpenBSD.
To start the automatic transfer (import) process for the parameter values, you should enter the directory specified above and run the following command:
./import-smtpgw-5.0.pl in_file out_file
where:
in_file - full name of the application configuration file for version 5.0 saved during step 3;
out_file - name of the resulting file produced after transfer of parameter values.
If the value import process completes successfully, the contents of the resulting file can be used as a configuration file for the application version 5.5 (by default the application uses the /etc/kav/5.5/smtpgw/smtpgw.conf configuration file).
7. Move notification templates saved during step 3 to the corresponding directories.
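Step 2 warns that unsent messages are lost if version 5.0 is removed before its working queue is empty. The following Python sketch is an added example, not part of the product: it reads QueuePath from the [smtpgw.path] section and lists whatever is still queued. It assumes an INI-style "name=value" file with # or ; comment lines, and it treats "no files left under QueuePath" as drained, which is an assumption about the queue layout.

```python
# Added example, not vendor code: pre-uninstall check for step 2.
import os
import sys


def read_setting(conf_path, section, key):
    """Return key's value inside [section] of an INI-style file, or None."""
    current = None
    with open(conf_path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line[0] in "#;":  # assumed comment markers
                continue
            if line.startswith("[") and line.endswith("]"):
                current = line[1:-1].strip()
            elif current == section and "=" in line:
                name, value = line.split("=", 1)
                if name.strip() == key:
                    return value.strip()
    return None


def pending_queue_files(conf_path):
    """List files still under QueuePath; empty means drained (assumption)."""
    queue = read_setting(conf_path, "smtpgw.path", "QueuePath")
    if queue is None:
        raise ValueError("QueuePath not found in [smtpgw.path]")
    if not os.path.isdir(queue):
        raise FileNotFoundError(queue)
    pending = []
    for root, _dirs, files in os.walk(queue):
        pending.extend(os.path.join(root, name) for name in files)
    return sorted(pending)


if __name__ == "__main__":
    # Usage: python3 queue_check.py <path to the version 5.0 configuration file>
    left = pending_queue_files(sys.argv[1])
    for path in left:
        print("still queued:", path)
    sys.exit(1 if left else 0)
```

Run it after recv-off and repeat until it exits with status 0 before continuing to step 3.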
Technical Support: support@kaspersky.com
General Information: info@kaspersky.com
Sales Information: sales@kaspersky.com