Help - Search - Members
Full Version: KAV4LMS 5.6 With kas-3.0.284.1
Kaspersky Lab Forum > English User Forum > Protection for Small and Medium Businesses
fr3akX
26.08.2008 14:41
Hello!
So I had a following setup Postfix -> KAS (kas-pipe) -> KAV -> Postfix -> Mbox. With KAv 5.5 everything worked fine, but now I upgraded to Kav4LMS 5.6. For the first sight its seems like a completely different product. When I set it on I had following issues:
KAS logs: KASERROR [NOLOGID]: sts_init returned: Incorrect I/O protocol: unexpected response from filtering service, while talking to KAV.
Is it possible to enable PIPELING and HELO in KAV4LMS, I think this is the cause of KAS error logging. When i connect to KAV and say HELO, response is like EHLO.
Any advices?
Thank You!
hinote
26.08.2008 22:31
hi there,

seems that KAS speaks with KAV using LMTP while KAV listens and answers using SMTP or vice-versa...
check kindly Outgoing protocol in the KAS' filter.conf

(yes, kav4ms 5.6 was completely rewritten and looks like a different application...)
fr3akX
27.08.2008 09:03
KAS while talking to KAV is using SMTP protocol (filter.conf: PipeOutProtocol smtp). I think issue is beacause of KAV worng response on HELO, which is like on EHLO. KAS sends helo to KAV and expects response something like '<resp_code> <hostname>', but instead it gets server capabilities.
there is sample of conversation:
CODE
250 KAV4LMS Filter
HELO mail
250-kas.domain.tld
250-8BITMIME
250-DSN
250 XFORWARD NAME ADDR PROTO HELO
EHLO mail
250-kas.domain.tld
250-8BITMIME
250-DSN
250 XFORWARD NAME ADDR PROTO HELO

It seems its a bug.
hinote
27.08.2008 15:11
Well, one should not probably tell KAS to pass messages directly to KAV.
Instead, a standard integration schema into postfix assumes that an additional smtpd, which receives messages after KAS is started. It then uses kav4lms 5.6 as a content_filter in order to check messages for viruses. Finally, another one smtpd receives messages after kav and delivers them further to the destination transport.
fr3akX
28.08.2008 13:17
Why I need addition smtpd which makes setup more complicated? I try to keep things simple as possible, integration of additional smtpd is not a solution! Maybe You just can fix it, and in further follow RFC which is ignored in kav4lms-filter implementation.
Thank You!
hinote
28.08.2008 13:51
here comes a reference configuration for kas-kav, which works fine and is pretty simple,
it is obtained just after installing both applications and running respective postinstallation scripts.

you need an additional smtpd since this is a standard (tested and supported) integration schema.
Of course, you may configure postfix, kas and kav on completely different manner manually, but in this case all integration issues are up to you...

main.cf:
CODE
#kav4lms-filter-begin
content_filter = kav4lms_filter:127.0.0.1:10025
#kav4lms-filter-end


master.cf:
CODE
smtp      inet  n       -       n       -       -       smtpd
### KASPERSKY ANTI-SPAM  BEGIN ###
  -o content_filter=kas3scan:127.0.0.1:9026
### KASPERSKY ANTI-SPAM  END ###

...

#kav4lms-filter-begin
kav4lms_filter       unix    -       -       n        -      10      smtp
    -o smtp_send_xforward_command=yes
127.0.0.1:10026        inet    n       -       n       -       10      smtpd
    -o content_filter=
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_ad
dress_mappings
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8,[::1]/128
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8,[::1]/128
#kav4lms-filter-end
### KASPERSKY ANTI-SPAM  BEGIN ###
127.0.0.1:9026 inet n  n       n       -       20      spawn
   user=mailflt3 argv=/usr/local/ap-mailfilter3/bin/kas-pipe
127.0.0.1:9025 inet    n       -       n       -       25      smtpd
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=no
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o receive_override_options=no_address_mappings

kas3scan      unix  -       -       n       -       10      smtp
        -o smtp_send_xforward_command=yes
### KASPERSKY ANTI-SPAM  END ###


filter.conf:
CODE
PipeInProtocol smtp
PipeOutProtocol smtp
PipeOutgoingAddr tcp:127.0.0.1:9025
PipeUseXForward yes


kav4linuxmailserver.conf:
CODE
FilterSocket=inet:10025@127.0.0.1
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2008 Invision Power Services, Inc.