Hi,
on our server we host a few dfifferent domains. I use qmail (netqmail) and vpopmail.
For specific reasons only selected mail users and mail domains shall be virus protected. I don’t want and don’t need to protect all existing mail users.
How can I configure avast4mail to check only selected users/domains? Unfortunately the manuals were less helpfull. 
How is the number of licenses counted?
Thanxs,
Thomas
Hi,
I’ll add this feature into avast4mail
Hi,
thanks, also for the answer! 
(my mail to sales@ is still unanswered …)
I really don’t want to urge, but do you have a time schedule for the next release? My current antivirus solution must be renewed soon … and I’d like to try AVAST as replacement.
Thomas
I’ll try to prepare a test version to the end of the next week.
Hi,
thanks! Next weekend is perfect for me
Thomas
Another question:
do you need to protect some domains and then some users
or specific users at specific domains
?
Hi.
specific users. To be able to define a list of e-mail addresses (vpopmail POP3 accounts) which shall be protected should be great.
Next question: would the protected be work in both directions (receiving and sending)?
Thomas
it’s almost done
can you tell me how many users will approximetelly be in the protected list?
Hi,
currently we have a 120 user license, but maybe we’ll get an AVAST 200 user license if the test will be successfull.
Thomas
it’s optimal
Hi,
sorry, but I need to ask again … next monday is the absolutly latest deadline for my current antivirus license. And without a successfull test I’m really unable to buy a new antivirus software.
Thomas
here it is:
http://lion.asw.cz/~mensik/avast4mail-2.0.2b.tar.gz
I’m sorry for delay, I was simultaneously working on avast4server project to make filtering faster.
I’ve added the requested feature. Now you can set, if you want to filter all messages or to filter emails for specific domains or to filter messaged for specific mailboxes or to leave all messages intact
Tomorrow, I’ll take a look at the avast! daemon.
Thank you for any comments or sugestions.
Hi,
thanks! I’ll install and test it tonight.
Thomas
hi,
first report from installation - don’t know if this is the right place but IMO this should be reported:
During installation, before activating AVAST and disabling my old antivirus scanner, I tried both commandline scanners to compare them. I checked all local pop3 mailboxes (…/vpopmail/domain/* subdirs).
Scan summary:
Files=26096
Folders=6041
Archives=26394
Packed=2
Infected=61
Failed=62
Corrupted=2
Protected=8
Error=0
ScanTime=00:13:20
ScanSpeed=1291.363 Kb/s
Due to this result I also checked the old quarantine folders and the result is basicly the same: AVAST found less “suspicious” mail files than my old program. >:(
I checked all report files and found the reason: some specific kind of Trojans won’t be recognized by AVAST: Trojan-Spy.HTML.Bankfraud.od.
I tried all config options: testfill, ignoretype, archivetype=A, no difference.
To be honest: this is not really a virus nor trojan file itself. This kind of Bankfraud trojans is mostly only a simple HTML mail containing specific content (in Germany called “Phising Mails”): a mail which said it comes from your bank and you need to enter one or more TAN (secret numbers to sign your online banking transactions) to keep your bank account valid and online.
That’s a big problem not only in Germany - and I’m really astonished one Antivirus product does recognize and delete these kind of mails, but another product not.
I tried the Online Scanner with such a Bankfraud mail: same result, nothing found.
Do you plan to enhance AVAST to recognize Bankfraud trojans, too?
Thomas
Hi,
I installed all packages following the install manuals exactly. Unfortunately I couldn’t get avast4mail get work.
qmail and vpopmail itself are working correctly. Mails were coming in and and getting out, no error message. QMAILQUEUE is defined and exported in both scripts which are used to launch qmail. But NO mail is scanned. No log entry in mail.log, no avast X-Header.
I can’t find any reason why it shouldn’t work. I’m certain everything is configured correctly. I’m using netqmail-1.05 which does contain the needed QMAILQUEUE patch.
I also tried it with an empty accounts file (only “.”), no success.
I’m not certain about localdomains, is it required to enter all local domains? Well, than I have the next problem, 16 lines were not enough on a virtual qmail server using vpopmail.
File and folder permissions should be correct (thinking about the different settings needed for vpopmail) - otherwise I should get an error message, isn’t it?
Does avast4mail not work due to a wrong configuration or due to a problem into the beta release?
Thomas
P.S.: Another question: changing the contents of accounts … requires a restart of avastd/qmail or nothing?
hi,
the original configuration is designed for xinetd daemon and you probably use tcpserver tool instead.
In this case, you have to edit ‘tcp.qmail-smtp’ file comment out all ‘:allow’ lines and add a new line:
IP_address:allow,QMAILQUEUE=“/usr/bin/avastfilter”
to apply changes, run:
tcprules tcp.qmail-smtp.cdb tcp.qmail-smtp.tmp < tcp.qmail-smtp
then modify the owner and permissions of /var/lib/avastmail/tmp and /var/run/avastmail directories:
chown avmail:qmail /var/lib/avastmail/tmp
chmod 0770 /var/lib/avastmail/tmp
chown avmail:qmail /var/run/avastmail
chmod 0770 /var/run/avastmail
finally restart qmail
If you want to check standalone avastfilter, edit /etc/mail/avastfilter.conf file and leave MTIFACE option empty. This causes that avastfilter starts to work in STDIN/STDOUT mode. So you can run:
% cat email.eml | avastfilter -f sender recipient
and then parse the output for avast X-Header.
I'm not certain about localdomains, is it required to enter all local domains? Well, than I have the next problem, 16 lines were not enough on a virtual qmail server using vpopmail.
no, list all scanned mailboxes in ‘accounts’ file in the form ‘user@domain’
P.S.: Another question: changing the contents of accounts .... requires a restart of avastd/qmail or nothing?
no, you can’t restart anything
I checked all report files and found the reason: some specific kind of Trojans won't be recognized by AVAST: Trojan-Spy.HTML.Bankfraud.od.
I tried all config options: testfill, ignoretype, archivetype=A, no difference.
avast! does’t detect phishing code!
I think, users should be a little sophisticated and don’t trust everything they received from the Internet.
Do you plan to enhance AVAST to recognize Bankfraud trojans, too?
no, we don’t.