Skip to content

1. Postinstall and configure

Jump to bottom Edit New page
kaanlab edited this page Sep 30, 2015 · 1 revision

Install KAV and KAS add-on

Axigen9 does not include KAV and KAS binarys for FreeBSD x64, so you need to download and install it separately.
Download and copy kas-kav_fbsd_amd64.tar.gz archive on the server and follow the below steps (as root):

  • Stop Axigen server:
# /usr/local/etc/rc.d/axigen.sh stop  
Stopping AXIGEN Mail Server...   DONE
  • Make KAS/KAV options available in Webadmin:
    # cp core_config_license.hsp /var/axigen/webadmin/private
    open core_config_license.hsp and replace string IF EQ(CPU, "x64")
    with IF EQ(CPU, "xxx")
    # chown axigen:axigen /var/axigen/webadmin/private/core_config_license.hsp
  • Extract the content of the kas-kav_fbsd_amd64.tar.gz archive:
# tar zxvf kas-kav_fbsd_amd64.tar.gz
x kas-kav_fbsd_amd64/
x kas-kav_fbsd_amd64/core_config_license.hsp
x kas-kav_fbsd_amd64/kav.tar.gz
x kas-kav_fbsd_amd64/lib.tar.gz
x kas-kav_fbsd_amd64/kas.tar.gz
x kas-kav_fbsd_amd64/lib32.tar.gz
x kas-kav_fbsd_amd64/bin.tar.gz
  • Copy the binary files:
# tar zxvf bin.tar.gz
# cp bin/* /usr/local/axigen/bin/
  • Copy the libraries:
# tar zvxf lib.tar.gz
# cp -r lib /usr/local/axigen/
  • Copy the KAV files:
# tar zxvf kav.tar.gz
# cp -r kav /var/axigen/
# chown -R axigen:axigen /var/axigen/kav
  • Copy the KAS files:
# tar zxvf kas.tar.gz
# cp -r kas /var/axigen/
# chown -R axigen:axigen /var/axigen/kas
  • Install & config the libraries needed by KAS/KAV (see below if required):
    Add 32-bit compatibility shared library search paths to /etc/rc.conf 
ldconfig32_paths="/usr/lib32 /usr/local/axigen/lib" 
ldconfig_paths_aout="/usr/lib/compat/aout /usr/local/lib/aout /usr/local/axigen/lib"

Restart ldconfig for changes to take effect:
# /etc/rc.d/ldconfig restart
If any of the commands bellow return the shown result:

# ldd /usr/local/axigen/bin/kasserver
ldd: /usr/bin/ldd32: No such file or directory

or

# ldd /usr/local/axigen/bin/kavserver
ldd: /usr/bin/ldd32: No such file or directory

then install the ldd32 by running the commands below:

# tar zxvf lib32.tar.gz
# cd lib32
# chmod a+x install.sh
# ./install.sh

Verify that the binaries find the path to the libraries:

# ldd /usr/local/axigen/bin/kasserver
/usr/local/axigen/bin/kasserver:
    libkassdk.so.3 => /usr/local/axigen/lib/libkassdk.so.3 (0x280ad000)
    libupdsdk8.so.2 => /usr/local/axigen/bin/../lib/kas/libupdsdk8.so.2 (0x28472000)
    libthr.so.3 => /usr/lib32/libthr.so.3 (0x28698000)
    libstdc++.so.6 => /usr/lib32/libstdc++.so.6 (0x286ad000)
    libm.so.5 => /usr/lib32/libm.so.5 (0x287a0000)
    libgcc_s.so.1 => /usr/lib32/libgcc_s.so.1 (0x287ba000)
    libc.so.7 => /usr/lib32/libc.so.7 (0x287c5000)
# ldd /usr/local/axigen/bin/kavserver
/usr/local/axigen/bin/kavserver:
    libsdk8l3.so.4 => /usr/local/axigen/lib/libsdk8l3.so.4 (0x280a9000)
    libupdsdk8.so.2 => /usr/local/axigen/lib/libupdsdk8.so.2 (0x281da000)
    libthr.so.3 => /usr/lib32/libthr.so.3 (0x283fa000)
    libstdc++.so.6 => /usr/lib32/libstdc++.so.6 (0x2840f000)
    libm.so.5 => /usr/lib32/libm.so.5 (0x28502000)
    libgcc_s.so.1 => /usr/lib32/libgcc_s.so.1 (0x2851c000)
  • Start the Axigen server:
    # /usr/local/etc/rc.d/axigen.sh start
  • From the Webadmin → Service Management interface start KAV and KAS services;
  • From the Webadmin → Antivirus&Antispam interface enable KAV and KAS services;
  • Verify that the services are starting properly
# tail -f /var/axigen/efilters/kavlog.txt
[..]
Thu May 29 01:35:52 2014 kav:[INFO] Config value <workingDirectory>=</var/axigen/kav>
Thu May 29 01:35:52 2014 kav:[INFO] Config value <libraryDirectory>=</usr/local/axigen/lib/>
Thu May 29 01:35:52 2014 kav:[INFO] Loading AV database from </var/axigen/kav/kdb>
Thu May 29 01:35:52 2014 kav:[INFO] KAV license path: </var/axigen/kav>
Thu May 29 01:36:17 2014 kav:[INFO] License info (name:'XXXXXXX.key', expire date (MM-DD-YYYY): 06-27-2014)
Thu May 29 01:36:17 2014 kav:[INFO] Database date (MM-DD-YYYY HH:MM:SS): 08-24-2010 16:58:24
[..]  
# tail -f /var/axigen/efilters/kaslog.txt
[..]
Thu May 29 01:35:53 2014 kas:[INFO] set config value <workingDirectory>=</var/axigen/kas>
Thu May 29 01:35:53 2014 kas:[INFO] set config value <libraryDirectory>=</usr/local/axigen/lib/>
Thu May 29 01:35:54 2014 kas:[INFO] Loading AS database from </var/axigen/kas/work_dir>
Thu May 29 01:36:02 2014 kas:[INFO] License info (name:'XXXXXXX.key', expire date (MM-DD-YYYY): 06-27-2014)
Thu May 29 01:36:02 2014 kas:[INFO] New config applied
Thu May 29 01:36:02 2014 kas:[INFO] [FFFFFFFF:0] Send: FFFFFFFF:0 DONE
[..]

ClamAV

  • install clamav
  • add clamav to axigen group
    pw groupmod axigen -m clamav
  • start clamav
  • navigate into the Webadmin interface to Security & Filtering -> Incoming Message Rules
  • click the 'Add Message Rule' button
  • write a suggestive name for the rule
  • in the Conditions section select "Custom"
  • write in the first textbox "X-AxigenVirus-Level" without quotes
  • select "Is" from the combo box
  • write the value "5" without quotes in the last textbox
  • select Delete or Discard in the Actions section
  • save the rule

Convert mail attachments received in TNEF format (webmail.dat)

  • install mimedefang, tnef, p5-Convert-TNEF, p5-File-Type
  • open /usr/local/etc/rc.d/mimedefang and add string SOCKET=inet:10084
  • open /usr/local/etc/mimedefang/mimedefang-filter and add:
sub filter_tnef {
    my($entity, $fname, $ext, $type) = @_;
    ### Convert TNEF winmail.dat format
    ### Note: You must install Convert::TNEF and File::Type from CPAN before using this script
    if (lc($type) eq "application/ms-tnef" or lc($fname) eq "winmail.dat" ) {
        use Convert::TNEF;
        use File::Type;
        use File::Temp qw(tempfile tempdir);
        # Create a unique temporary directory under "/tmp"
        my $tnefdir = tempdir(CLEANUP => 1, DIR => "/tmp");
        if (not $tnefdir) {
                md_graphdefang_log('tnef_fail',"Unable to create temporary directory");
                return action_accept();
        }
        # If we can't Convert the TNEF file for some reason, just accept the attachment and log the error
        my $tnef = Convert::TNEF->read_ent($entity,{output_dir=>"$tnefdir"});
        if (not $tnef) {
                md_graphdefang_log('tnef_fail',$Convert::TNEF::errstr);
                return action_accept();
        }
        my $ft = File::Type->new();
        # Append attachments contained in the winmail.dat file to the message.
        for ($tnef->attachments) {
             # Determine the mime-type of the file
             my $mimetype = $ft->mime_type($_->data);
                 # File::Type doesn't detect text files well, this is a workaround
             if ($mimetype eq "application/octet-stream") {
                  #Set the mime-type to text/plain if the first 1024 characters are printable
                  $text_check = substr($_->data,0,1024);
                  $mimetype = "text/plain" unless $text_check =~ /[^[:print:]s]/;
             }
              my $tnef_entity = action_add_part($entity, "$mimetype", "base64", $_->data, $_->longname, "attachment");
             md_graphdefang_log('tnef_ext', "File: " . $_->longname . " Type: $mimetype");
              # Run each new TNEF-sourced MIME part back through the filter again, this ensures that bad filenames etc.
             # cannot sneak through by being contained in winmail.dat files
              filter ($tnef_entity, $_->longname, "", "$mimetype");
        }
        # Deletes working files
        $tnef->purge;
        # Remark this if you want still want to keep the original winmail.dat file
        return action_drop();
    }
    # Keep the attachment
    return action_accept();
}
  • start mimedefang and add rules into Webadmin interface like in Axigen KB

Download link for GeoIP

Main site
Download link for GeoLite Country base in CSV/zip format

About
1. Postinstall & configure

2. Known bugs and how to fix it

About
1. Postinstall & configure

2. Known bugs and how to fix it

Clone this wiki locally