Before-queue integration using dynamic linking

To use the "before-queue" integration method, you have to specify that dlfunc support is required when compiling the corresponding dynamic library from the source code. Repositories of some Linux distributions contain compiled Exim versions already, in other cases manual compiling is required.

In case of manual compilation, you have to add the following lines to Makefile:

EXPAND_DLFUNC=yes

EXTRALIBS= -export-dynamic

When before-queue integration via a dynamic library is used, the filter must transfer messages for scanning to ScanLogic through ServiceSocket. This socket must be specified in the configuration of the program.

Depending upon the specific distribution of the operating system, you have to modify one or several configuration files of the Exim mail server. For example, in Debian and Ubuntu, the Exim mail server configuration may consist of several files in the /etc/exim/conf.d directory or a single file only.

To perform before-queue integration of Kaspersky Security 8 for Linux Mail Server with Exim using a dynamically loaded library:

1. Make sure that the Exim mail server supports dlfunc-based content filtering. To do so, run the exim -bV command.

   The following represents a positive result: Expand_dlfunc.

2. Make a backup copy of the Exim configuration files.
3. Modify the access control list for acl_smtp_data. To do that, find in the Exim configuration file(s) the line that looks like:

   acl_smtp_data = acl_check_data (the line may contain another access control list instead of acl_check_data)

   and after the line

   acl_check_data: (or line containing another access control list)

   add the following lines:

   #klms-filter-begin

   warn set acl_m_klms_headers =

   set acl_m_klms_result =

   set acl_m_klms_answer = ${dlfunc{LIBDIR/libklms-exim.so}{scan}{${spool_directory}/input}}

   defer condition = ${if eq {$acl_m_klms_answer}{}{yes}{no}}

   log_message = LMS check failed (empty answer)

   message = Temporary local problem - please try later

   defer condition = ${if match {$acl_m_klms_answer}{\N^451\N}{yes}{no}}

   log_message = LMS check defer: ${if match {$acl_m_klms_answer} \

   {\N^451 Mail processing aborted(.+\n?.*\n)*$\N}{$1}{}}\\

   ${if eq {$acl_m_klms_result}{}{}{, result is \

   '$acl_m_klms_result\'}}\

   , temporary file $acl_m_klms_tempfile

   message = Temporary local problem - please try later

   defer condition = ${if match {$acl_m_klms_answer}{\N^452\N}{yes}{no}}

   log_message = LMS check defer: ${if match{$acl_m_klms_answer} \

   {\N^451 Mail processing timed out(.+\n?.*\n)*$\N}{$1}{}}\

   ${if eq {$acl_m_klms_result}{}{}{, result is \

   '$acl_m_klms_result\'}}\

   , temporary file $acl_m_klms_tempfile

   message = Temporary local problem - please try later

   deny condition = ${if match {$acl_m_klms_answer}{\N^550\N}{yes}{no}}

   log_message = LMS check reject: ${if match {$acl_m_klms_answer} \

   {\N^550 Rejected by malware filter(.+\n?.*\n)*$\N}{$1}{}}\

   ${if eq {$acl_m_klms_result}{}{}{, result is \

   '$acl_m_klms_result\'}}\

   , temporary file $acl_m_klms_tempfile

   deny condition = ${if match {$acl_m_klms_answer}{\N^554\N}{yes}{no}}

   log_message = LMS check reject: ${if match {$acl_m_klms_answer} \

   {\N^554 Mail processing failed(.+\n?.*\n)*$\N}{$1}{}}\

   ${if eq {$acl_m_klms_result}{}{}{, result is \

   '$acl_m_klms_result\'}}\

   , temporary file $acl_m_klms_tempfile

   message = ${if match {$acl_m_klms_answer} \

   {\N^554 Mail processing failed(.+\n?.*\n)*$\N} \

   {Mail processing failed:$1}{}}

   warn condition = ${if match {$acl_m_klms_answer}{\N^250\N}{yes}{no}}

   logwrite = LMS check accept: ${if match {$acl_m_klms_answer} \

   {\N^250 (.+)$\N}{$1}{}} \

   ${if eq {$acl_m_klms_result}{}{}{, result is \

   '$acl_m_klms_result\'}}

   set acl_m_klms_answer =

   warn condition = ${if eq {$acl_m_klms_answer}{}{no}{yes}}

   logwrite = LMS check: $acl_m_klms_answer

    

   #klms-filter-end

   where LIBDIR – path to the libklms-exim.so library:

   • for FreeBSD (32-bit) - /usr/local/lib/kaspersky/klms/libklms-exim.so,
   • for FreeBSD (64-bit) - /usr/local/lib/kaspersky/klms/compat64/libklms-exim.so,
   • for Linux (32-bit) - /opt/kaspersky/klms/lib/libklms-exim.so,
   • for Linux (64-bit) - /opt/kaspersky/klms/lib64/libklms-exim.so.
4. Compile the .so module according to the settings of your operating system (optional).
5. Add the user kluser to the group to which the exim process belongs.
6. In the [global] section, set the false value for the header-guard setting of the klms_filter.conf filter settings file.
7. Open the file /var/opt/kaspersky/klms/installer.dat (under Linux) or /var/db/kaspersky/klms/installer.dat (under FreeBSD).
8. Add the following line to the file:

   EXIM_INTEGRATION_TYPE=dlfunc

9. Restart the klms service.
10. Restart Exim mail server.

The Kaspersky Security 8 for Linux Mail Server installation package contains the compiled dynamically loaded library dlfunc for all operating systems supported by the program. The source files required for the dlfunc library are located in the directory /opt/kaspersky/klms/share/src/dlfunc (under Linux) or /usr/local/share/klms/src/dlfunc (under FreeBSD).

In some cases, manual compilation is required.

To perform a manual compilation of the dynamically loaded dlfunc library:

1. Install the source libraries of the Exim mail server.
2. Install the libevent library (version 2.0.10 or higher).
3. Install the boost library (version 1.47.0 or higher).
4. Change to the /opt/kaspersky/klms/share/src/dlfunc directory (on Linux) or the /usr/local/share/klms/src/dlfunc directory (on FreeBSD).
5. Run the following command: ./configure --with-exim=<path to exim headers> --with-boost=<path to boost> --with-libevent=<path to libevent>.
6. Run the following command: # make.

The libklms-exim.so file appears in the current folder.