After-queue integration by rerouting

When "after-queue" integration is used and messages are rerouted to Kaspersky Security 8 for Linux Mail Server for scanning and then returned to the Exim mail server, the following conditions must be satisfied:

The filter must be configured to intercept messages from the Exim mail server via socket-in. This socket must be specified in the configuration of the program.
The filter must forward messages to Scan Logic for scanning via the scanner socket. This socket must be specified in the configuration of the program.
The filter must return messages to the Exim mail server via socket-out. This socket must be specified in the configuration of the program.

When after-queue integration with the Exim mail server is used for rerouting, socket-in, scanner, and socket-out must point to a network socket.

Depending upon the specific distribution of the operating system, you have to modify one or several configuration files of the Exim mail server. For example, in Debian and Ubuntu, the Exim mail server configuration may consist of several files in the /etc/exim/conf.d directory or a single file only.

To perform after-queue integration of Kaspersky Security 8 for Linux Mail Server with Exim by rerouting:

Make a backup copy of the Exim configuration file (files).
In the [routers] section of Exim configuration file(s), add after the line
begin routers

add the following lines:

#klms-filter-begin-2

klms_dnslookup:

driver = dnslookup

domains = ! +local_domains

ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8

verify_only

pass_router = smtp_proxy

no_more

klms_system_aliases:

driver = redirect

allow_fail

allow_defer

data =${lookup{$local_part}lsearch{/etc/aliases}}

verify_only

pass_router = smtp_proxy

klms_localuser:

driver = accept

check_local_user

verify_only

pass_router = smtp_proxy

cannot_route_message = Unknown user

failed_address_router:

driver = redirect

verify_only

condition = "{0}"

allow_fail

data = :fail: Failed to deliver to address

no_more

smtp_proxy:

driver = manualroute

condition = "${if or {{eq {$interface_port}{$forward_port}} \\

{eq {\$received_protocol}{spam-scanned}} \\

}{0}{1}}"

transport = smtp_proxy

route_list = "* localhost byname"

self = send

#klms-filter-end-2

where $forward_port is the port number of the socket to which the message will sent after being scanned by Kaspersky Security 8 for Linux Mail Server.
In the [transports] section of Exim configuration file(s), add after the line
begin transports

add the following lines:

#klms-filter-begin-3

smtp_proxy:

driver = smtp

port = $scanner_port

delay_after_cutoff = false

allow_localhost

#klms-filter-end-3

where $scanner_port stands for the port, which filter uses to wait for messages.
In the main Exim configuration file (exim.conf or update-exim.conf.conf), specify the substring in the form 127.0.0.1.$forward_port as follows:
dc_local_interfaces=<IP adress1>.<port1>:127.0.0.1.$forward_port

or

local_interfaces=<IP address1>.<port1>:127.0.0.1.$forward_port

where the 127.0.0.1.$forward_port substring is required to enable the Exim mail server to accept processed messages from the filter and listen for data on $forward_port.
Compile the Exim configuration file (files) according to your operating system settings.
Open the file /var/opt/kaspersky/klms/installer.dat (under Linux) or /var/db/kaspersky/klms/installer.dat (under FreeBSD).
Add the following lines to the file:
EXIM_INTEGRATION_TYPE= after-queue

START_SMTP_PROXY=1
Open the file /etc/opt/kaspersky/klms/klms_filters.conf (under Linux) or /usr/local/etc/kaspersky/klms/klms_filters.conf (under FreeBSD).
In the [smtp_proxy] section, specify the following settings:
socket-in=inet:$scanner_port@127.0.0.1

socket-out=inet: $forward_port@127.0.0.1
Set the true value in the [global] section for theheader-guard setting.
Restart the klms service.
Restart Exim mail server.

Page top