ESET NOD32 ANTIVIRUS - FOR LINUX-BSD MAIL SERVER - Handle Object Policy; Black-list and white-list creation

To Next Page

To Previous Page

5.2. Handle Object Policy

The Handle Object Policy (see gure 5-1) is a mechanism that provides handling of the scanned objects depending

on their scanning status. The mechanism is based on so-called action conguration options (’action_on_processed’,

’action_on_infected’, ‚action_on_uncleanable‘, ‚action_on_notscanned‘) combined with Anti-Virus enabling

conguration option (‚av_enabled‘). To get detailed information on these conguration options, please refer to the

nod32.cfg(5) manual page.

Every object processed by NOD32LMS/NOD32BMS is at rst handled with respect to the setting of the conguration

option ’action_on_processed’. Once this parameter is set to ’accept’, the object is handled according to the setting of

conguration option ’av_enabled’. Note that this parameter is of paramount importance if combined with so-called

User Specic Conguration mechanism. In this case various types of black-lists and white-lists can be congured.

Once ’av_enabled’ is enabled the object processed is scanned for virus inltrations and set of action conguration

options ’action_on_infected’, ’action_on_uncleanable’ and ’action_on_notscanned’ is taken into account to evaluate

further handling of the object. If action ’accept’ has been taken as a result of the three above action options or ’av_

enabled’ is disabled the object is accepted for further delivery. In case any of action conguration options caused other

than ‚accept‘ value, the object is blocked and will be handled according to the particular action taken.

5.3. Black-list and white-list

In this section we describe the black-list and/or white-list creation using the combination of already discussed

NOD32LS/NOD32BS conguration mechanisms. In particular the black-list or white-list can be created using the Handle

Object Policy features and User Specic Conguration mechanism. Thus the black-list or white-list can be created for

recipients and/or senders of e-mail messages scanned by NOD32LS/NOD32BS.

In the next example we demonstrate the black-list and also white-list creation for the nod32smtp module as a

content lter of MTA Postx. The original conguration section related to the module is as follows,

agent_enabled = yes

listen_addr = “localhost“

listen_port=2526

chapter 5 / Important NOD32LMS/NOD32BMS Mechanisms

Figure 5-1. Scheme of Handle Object Policy mechanism.

accept defer, discard, reject

action_on_processed

object not accepted

NO YES

av_enabled

accept defer, discard, reject

action_on_infected

action_on_uncleanable

action_on_notscanned

object not accepted

object accepted

Related product manuals