FRISK Software International

How does the Qmail plug-in work?

In-transit mail scanning in Qmail can be achieved by using the f-prot-qmail plug-in included in F- Prot Antivirus for MailServers. To achieve this functionality, f-prot-qmail must be put in place of qmail's qmail-queue utility while retaining the original qmail-queue program backed up as qmail-queue.orig in the same directory. Here is the procedure:
#cd /var/qmail/bin
#mv qmail-queue qmail-queue.orig
#cp /usr/local/f-prot/tools/f-prot-qmail ./qmail-queue
#chown qmailq.qmail qmail-queue
#chmod 4711 mail-queue
Now make sure that f-protd is running and you have scan-mail.pl running with the -server option. Now you should be able to make a connection to 127.0.0.1:11200 for scan-mail.pl and 127.0.0.1:10200 for f-protd.

The f-prot-qmail program will make a copy of each message in /tmp, contact the Mail Scanner at port 11200 and supply the Mail Scanner with the message. When the Mail Scanner has finished rewriting the message, the f-prot-qmail program will start qmail-queue and supply it with the rewritten message.

The Mail Scanner will add a header line to your e-mail, "X-Antivirus: Scanned by F-PROT Antivirus (http://www.f-prot.com)"

If F-PROT Antivirus detects an infection in a message or attachment, the Mail Scanner will try to neutralize the threat. If the infection is removed, the Mail Scanner will only defang the message or attachment. If, however, F-PROT Antivirus fails to remove the infection, the message or attachment will be removed, and an appropriate message will be appended to the e-mail. The Mail Scanner will take no action if the attachment is found to be clean. In the case of a runtime error, the Mail Scanner will defang the message. Defanging involves changing the filename extension, and thus removing the danger of a user running the attached file by double-clicking it.

The Mail Scanner can be configured to generate backups of all incoming mail by supplying it with the -backup switch. To generate backups of infected messages only, use the -quarantine switch. This will cause the Mail Scanner to create a directory MMDD/ under /usr/local/f-prot/backup (where MM is a number representing the month, and DD is a number representing the day of the month), and a file underneath there in the format of unix-time.pid. That file will contain the original message before the Mail Scanner scanned it.



Feedback | Contact Technical Support | Contact Sales Support

 
Frequently Asked Questions by platform
F-PROT Antivirus
- for Windows
- for UNIX
- for Exchange
F-PROT AVES
Helpfiles
F-PROT Antivirus
- for Windows
- for UNIX
- for Exchange
F-PROT AVES
Life cyle policy
Stay up to date with life cycle policies for F-PROT Antivirus for Windows.
more...
Glossary of Terms
Definitions of common antivirus terminology.
more...

Related links
More information about F-Prot Antivirus for UNIX:
Help files
Manual pages

agoat@klaki.net argentina@f-prot.com argentina@frisk.is argentina@complex.is argentina@f-prot.is argentina@frisk-software.com argentina@f-prot.net argentina@f-prot.co.uk brazil@f-prot.com brazil@frisk.is brazil@complex.is brazil@f-prot.is brazil@frisk-software.com brazil@f-prot.net brazil@f-prot.co.uk malta@f-prot.com malta@frisk.is malta@complex.is malta@f-prot.is malta@frisk-software.com malta@f-prot.net malta@f-prot.co.uk a.bjani@f-prot.com a.bjani@frisk.is a.bjani@complex.is a.bjani@f-prot.is a.bjani@f-prot.co.uk a.bjani@frisk-software.com a.bjani@f-prot.net z.fifl@f-prot.com z.fifl@frisk.is z.fifl@complex.is z.fifl@f-prot.is z.fifl@f-prot.co.uk z.fifl@frisk-software.com z.fifl@f-prot.net strumpuri@complex.is strumpure@complex.is strumpuru@complex.is