Brief Instructions

 Top  Previous  Next

 

How to Connect Dr.Web for UNIX Mail Servers to MTA as a Filter via Milter, Spamd or Rspamd

Follow the instructions provided in the Integration with MTA as a filter section.

How to Connect Dr.Web for UNIX Mail Servers to MTA as an Anti-Virus Filter Clamd

Follow the instructions provided in the Integration with External Applications section.

In this case, special component Dr.Web MailD designed for email scanning (including scanning for the signs of spam) is not used. Email transmitted by MTA will be scanned by anti-virus only. In case of threat detection, message processing is performed directly by the mail server.

How to Configure the Transparent Proxy Mode for MTA

Follow the instructions provided in the Using the Product in Proxy Mode section.

How to Restart Dr.Web for UNIX Mail Servers

To restart the product when it is already running, you can also use the script that controls the Dr.Web ConfigD configuration daemon. Startup, stop, or restart of the daemon cause respectively the startup, stop or restart of Dr.Web for UNIX Mail Servers.

The default directory of the shell script that controls the operation of Dr.Web ConfigD is /etc/init.d. The name of the script is drweb-configd. It has the following parameters:

Parameter

Description

start

Instructs to start Dr.Web ConfigD if it is not running. When Dr.Web ConfigD starts, Dr.Web ConfigD launches all the required modules of Dr.Web for UNIX Mail Servers.

stop

Instructs to shut down Dr.Web ConfigD if it is running. When Dr.Web ConfigD is shutting down, Dr.Web ConfigD also shuts down all the components of Dr.Web for UNIX Mail Servers.

restart

Instructs to restart (shut down and then start) Dr.Web ConfigD. Dr.Web ConfigD shuts down and then starts all the modules of Dr.Web for UNIX Mail Servers. If Dr.Web ConfigD is not running, the parameter has the same effect as start.

condrestart

Instructs to restart Dr.Web ConfigD only if it is running.

reload

Instructs to send a HUP signal to Dr.Web ConfigD if the component is running. Dr.Web ConfigD forwards this signal to all the components of Dr.Web for UNIX Mail Servers. The parameter is used to make all components reread their configuration.

status

Instructs to output the current state of Dr.Web ConfigD to the console.

To restart Dr.Web for UNIX Mail Servers (or start it, if it is not running), use the following command:

# /etc/init.d/drweb-configd restart

How to Connect to the Central Protection Server

1.Obtain the address of the central protection server and the file of its public key from your anti-virus network administrator. You may also need additional parameters, such as an identifier and password for your workstation or identifiers of the main group and tariff group.

2.Use the esconnect command of the Dr.Web Ctl command-line tool provided in Dr.Web for UNIX Mail Servers.

For connection it is required to use the option --Key, by specifying the path to the public key file of the server. You can additionally enter the identifier of your host (the ID of your “workstation”, if we use the terminology used by the central protection server) and a password for authentication on the central protection server by using the --Login and --Password parameters. In this case, connection to the server will be established only if you specify a correct identifier-password pair. If the parameters are not specified, connection to the server will be established only if it is approved on the server (automatically or by the administrator of the anti-virus network, depending on the server’s settings).

Moreover, you can use the --Newbie option (connect as a new user). If this mode is allowed on the server, then after this connection is approved, the server automatically generates a unique identifier/password pair, which will be further used for connection of this agent to the server. Note that in this mode the central protection server generates a new account for the host even if this host already has another account on the server.

A standard example of the command instructing Dr.Web for UNIX Mail Servers to connect to the central protection server:

# drweb-ctl esconnect <server address> --Key <path to the server’s public key file>

After establishing a connection to the central protection server, the product will operate in central protection mode or in mobile mode, depending on the permissions set on the server and the value of the configuration parameter MobileMode of the Dr.Web ES Agent component. To allow unconditional use of mobile mode, set the parameter’s value to On. For operation in central protection mode, set the parameter’s value to Off.

A standard example of the command instructing Dr.Web for UNIX Mail Servers that is connected to a central protection server to switch into mobile mode is as follows:

# drweb-ctl cfset ESAgent.MobileMode On

If the used central protection server does not support or does not allow mobile mode, adjusting the MobileMode parameter cannot switch operation of Dr.Web for UNIX Mail Servers to mobile mode.

How to Disconnect From the Central Protection Server

To disconnect the product from the central protection server and switch its operation into standalone mode, use the esdisconnect command of the Dr.Web Ctl command-line tool provided in Dr.Web for UNIX Mail Servers:

# drweb-ctl esdisconnect

To use the product in standalone mode, a valid license key file is required. Otherwise, anti-virus functions of the product will be blocked after the operation is switched to standalone mode.

How to Activate the Product

1.Register on the official website of Doctor Web at https://products.drweb.com/register/.

2.At the email address that you specified during the registration you will receive an archive containing a valid license key file (you can also download this archive directly from the website after you have finished the registration).

3.Carry out the key file installation procedure.

How to Upgrade the Product

Update component versions or upgrade to a new version.

Note that during the upgrade you can be asked to remove the current product version.

How To Add or Remove Component of the Product

Follow the Custom Component Installation and Uninstallation procedure.

Note that when installing and uninstalling the component, other product components could be additionally installed or uninstalled to resolve dependencies.

How to Manage Components Operation

To view the status of the product’s components and to manage their operation, you can use:

The command-line-based management tool Dr.Web Ctl (use the drweb-ctl appinfo, drweb-ctl cfshow and drweb-ctl cfset commands. To view the list of available management commands, use the command drweb-ctl --help).

The management web interface of Dr.Web for UNIX Mail Servers (by default, you can access it via a web browser at https://127.0.0.1:4443/).

How to View Log of the Product

According to default settings the general log of all product’s components is displayed in syslog file (the file for logging messages by the system component syslog depends on the system and is located in the directory /var/log). General log settings are defined in the configuration file in the section [Root] (parameters Log and DefaultLogLevel). For each component in their settings section, parameters Log and LogLevel are available. They set the log storage location and the logging level of messages that the component outputs in the log.

To change the logging settings, use the Dr.Web Ctl command line management tool and the Dr.Web for UNIX Mail Servers management web interface (if it is installed).

To identify errors, we recommend you to configure output of the general log of all components to a separate file and enable output of extended debug information to the log. For that, execute the following commands:

# drweb-ctl cfset Root.Log <path to log file>
# drweb-ctl cfset Root.DefaultLogLevel DEBUG

To return to the default logging method and verbosity level for all components, execute the following commands:

# drweb-ctl cfset Root.Log -r
# drweb-ctl cfset Root.DefaultLogLevel -r