Plesk for Linux supports the following antivirus software:
- Plesk Premium Antivirus based on Dr.Web.
- Kaspersky Antivirus.
Both these solutions provide you with real-time mail traffic scanning and malware protection for customers. In this section you will find detailed information on these antivirus solutions.
Plesk Premium Antivirus is shipped with Plesk in the form of RPM packages.
/etc/drweb/is a directory with various configuration files.
/etc/drweb/drweb32.iniis the default configuration file for drwebd engine.
/etc/drweb/drweb_qmail.confis the configuration file for the qmail-queue filter.
/etc/drweb/users.confstores the configuration for every mail name for which antivirus is enabled.
The Dr.Web service is a standalone
drwebd daemon (also called engine),
which is started from the
/etc/init.d/drwebd script. You can also stop
and start it again with the following command:
# /etc/init.d/psa stopall # /etc/init.d/psa start
Note: these commands stop and start other Plesk services: DNS server, mail server, and so on
You can also manage it within the Services Management page in the Server Administration Panel.
The interaction with drwebd is established through the Dr.Web client. It can change antivirus parameters and start checking files. The client displays a full list of its attributes if run without attributes. Also, it can extract detailed operational information from the engine. The following command gives information about the Dr.Web version and virus database.
# /opt/drweb/drwebdc -sv -sb
By default, the virus databases are updated every 30 minutes by means of
the cron task:
/opt/drweb/update/update.pl > dev/null 2>&1
Dr.Web substitutes the native qmail-queue filter used for transferring
incoming messages to the qmail queue with its own utility. The utility’s
configuration settings are stored in the
Dr.Web filtering is activated on the mail name level. If enabled it can
check incoming, outgoing or both kinds of messages. The information is
stored in the
/etc/drweb/users.conf file. The following is an example of
three mail names with different Dr.Web configurations:
# grep domain01 /etc/drweb/users.conf allow any regex ^firstname.lastname@example.org$ allow to regex ^email@example.com$ allow from regex ^firstname.lastname@example.org$
In the above configuration, Dr.Web will check viruses in:
- Incoming and outgoing messages for
- Incoming messages for
- Outgoing messages for
Kaspersky Antivirus is a module that scans incoming and outgoing mail traffic on your server, and removes malicious and potentially dangerous code from email messages. In order to use Kaspersky Antivirus with your Plesk server, you need to install the Kaspersky Antivirus module, then purchase and install a license key.
Kaspersky Antivirus is distributed as an RPM package.
Kaspersky Antivirus resides in the following directories in Plesk.
It contains parameters as
key=value pairs grouped by sections. They
define the operation of all Kaspersky Antivirus components. All
configuration file parameters are grouped into sections, each of them
corresponding to a particular component of the product.
License keys directory:
Incoming and outgoing mail messages are processed like this:
- The stream of mail messages comes in from other servers or mail clients via the SMTP protocol.
- The mail system receives the mail traffic and passes it to Kaspersky Antivirus for scanning.
- The application processes the mail traffic according to the specified settings, and returns it to the mail system along with an additional set of notifications.
- The mail system routes the mail traffic to its destination.