Linux security 64 and email scanning

oleksandr_trotsai
oleksandr_trotsai W/ Alumni Posts: 1 Security Scout
edited July 2020 in Linux Products

Hi


I have some problems to config exim with linux security 64

Is that possible to scan email from exim (or postfix, but exim is better for me)?

Can you give some examples of configuration?

Linux security installed on centos 8

If I understand correct I should use this service

 290973 ?       Ss    0:00 /opt/f-secure/baseguard/bin/fsavd --config=file:/etc/opt/f-secure/baseguard/fsavd.conf --socketname=/var/opt/f-secure/baseguard/fsavd/run/socket-0 --pidfile=/var/opt/f-secure/baseguard/fsavd/run/pid

But I can't find /var/opt/f-secure/baseguard/fsavd/run/socket-0

Answers

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hi Oleksandr,

    I have highlighted your inquiry to the respective team, and will update you as soon as I hear back from them.

    Regards,

    Monika

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hi Oleksandr,

    First of all, LS64 is Endpoint Protection Software as apart of some mail gateway, while it could be technically possible it is LS64 misuse.

    It may well be possible, but that is not among the targeted use cases of the Linux Security 64 product. We have Atlant product for integration into 3rd party gateway type of solutions, that is licensed per server or per protected user/mailbox. Integrated server solutions are covered by our Atlant product. (I do understand that the line between a "workstation" and "server" is very blurred among Linux users.)

    If you are asking for examples of mail server configuration, I'm sorry but we don't have such examples available. As for configuring Linux Security 64, the product does not have configuration files. Instead, you configure the product using the Policy Manager, the PSB or the "lsctl" command-line tool as instructed in the User Guide.

    The page  https://www.exim.org/exim-html-current/doc/html/spec_html/ch-content_scanning_at_acl_time.html suggests different integration methods between Exim and content scanners. We don't have a ready-made Exim plugin, but you could implement one using Atlant's REST or ICAP interfaces. Or you could use the "cmdline" setting and the "fsanalyze" command-line scanner, which is available both on Linux Security 64 and Atlant.

    We do not officially support, nor we provide such an integrations tested and out of the box. It is up to Atlant’s end user to create and test such an integration.


    > Linux security installed on centos 8

    > If I understand correct I should use this service

    > 290973 ?    Ss  0:00 /opt/f-secure/baseguard/bin/fsavd --config=file:/etc/opt/f-secure/baseguard/fsavd.conf --socketname=/var/opt/f-secure/baseguard/fsavd/run/socket-0 --pidfile=/var/opt/f-secure/baseguard/fsavd/run/pid

    > But I can't find /var/opt/f-secure/baseguard/fsavd/run/socket-0


    No, that service is not useful for your need. Suggestion is to only go by documented interfaces.


    Regards,

    Monika

This discussion has been closed.