Install Avast: Difference between revisions

From Proxmox Mail Gateway
Jump to navigation Jump to search
(update to bullseye instructions)
(add instruction to disable upstream reporting)
 
(3 intermediate revisions by the same user not shown)
Line 24: Line 24:


# Create the appropriate [https://manpages.debian.org/apt/sources.list.5.en.html sources.list] entry:
# Create the appropriate [https://manpages.debian.org/apt/sources.list.5.en.html sources.list] entry:
#:<code>echo "deb http://deb.avast.com/lin/repo debian-buster release" > /etc/apt/sources.list.d/avast.list</code>
#:<code>echo "deb https://repo.avcdn.net/linux-av/deb debian-bookworm release" > /etc/apt/sources.list.d/avast.list</code>
# Verify the signing key for the repository from Avast:
# Verify the signing key for the repository from Avast:
#* Get the key
#* Get the key
Line 41: Line 41:


Follow the [https://repo.avcdn.net/linux-av/doc/avast-techdoc.pdf instructions provided by Avast] to activate your purchased license.
Follow the [https://repo.avcdn.net/linux-av/doc/avast-techdoc.pdf instructions provided by Avast] to activate your purchased license.
Currently (02.07.2021) you'll get an activation code with your purchase and need to obtain the license file with the <code>avastlic</code> utility:
Currently (13.07.2023) you'll get an activation code with your purchase and need to obtain the license file with the <code>avastlic</code> utility:
  avastlic -f /etc/avast/license.avastlic -c <YOUR-ACTIVATION-CODE>
  avastlic -f /etc/avast/license.avastlic -c <YOUR-ACTIVATION-CODE>
The utility is in a debian package of its own (so you can also run it on a separate machine):
apt install avast-license


After enabling your license you need to restart the <code>avast.service</code>
After enabling your license you need to restart the <code>avast.service</code>
Line 59: Line 62:
  systemctl restart pmg-smtp-filter
  systemctl restart pmg-smtp-filter


== Disable sending statistics and files to the Avast Virus Lab ==
By default <code>avast</code> sends files it considers suspicious and statistics to the Avast's virus lab.
To disable this you need to edit the avast configuration <code>/etc/avast/avast.conf</code>:
# Avast configuration file
#
# Below are all available configuration options and their default values. Only
# the options in the OPTIONS section can be changed at runtime.
# RUN_DIR = "/run/avast"
# TEMP_DIR = "/tmp"
# DATA_DIR = "/var/lib/avast"
# SOCKET = "/run/avast/scan.sock"
# LICENSE = "/etc/avast/license.avastlic"
# WHITELIST = "/etc/avast/whitelist"
SUBMIT = "/bin/true"
[OPTIONS]
# CREDENTIALS = 0
STATISTICS = 0
HEURISTICS = 0
# STREAMING_UPDATES = 1
# REPUTATION_QUERIES = 1
[PACKER_BOMB]
# MAX_FILE_SIZE_TO_EXTRACT_MB = 1000
# MAX_COMPRESSION_RATIO = 100


Should you need further help, consider getting a [https://www.proxmox.com/en/proxmox-mail-gateway/pricing enterprise support subscription]
Should you need further help, consider getting a [https://www.proxmox.com/en/proxmox-mail-gateway/pricing enterprise support subscription]

Latest revision as of 09:38, 13 July 2023

Introduction

Proxmox Mail Gateway ships and uses the open source ClamAV antivirus engine in its default installation.

Certain environments have the need for a better virus detection rate than the one achieved by ClamAV.

For these setups Proxmox Mail Gateway offers an integration with the Avast Antivirus for Linux. This HOWTO follows the technical documentation from Avast - https://repo.avcdn.net/linux-av/doc/avast-techdoc.pdf

Avast Antivirus for Linux is commercial software and you will need to purchase a license in order to use it.

The following facts are why it can be integrated with Proxmox Mail Gateway as an alternative to ClamAV:

  • The licensing is based on the number of installations instead of other licensing schemes such as the number of processed mails or mailboxes.
  • The software runs daemonized and thus reads and caches the AV definitions once upon startup instead of each time a file is scanned

The following HOWTO provides the necessary steps to install and configure Avast within a Proxmox Mail Gateway installation.

Installing Avast Antivirus for Linux

Proxmox Mail Gateway is based on Debian GNU/Linux - thus you need to follow the installation instruction for Debian systems.

To configure the Avast repository and install the software:

  1. Create the appropriate sources.list entry:
    echo "deb https://repo.avcdn.net/linux-av/deb debian-bookworm release" > /etc/apt/sources.list.d/avast.list
  2. Verify the signing key for the repository from Avast:
    • Get the key
      wget https://repo.avcdn.net/linux-av/doc/avast-gpg-key.asc
    • Read the checksum
      sha512sum avast-gpg-key.asc
    • The result should be
      7fca6e2a8984931d46a8ff13cd086a934ca126068c074c86a13a30aa2f909663b9e5ae8529a02632c7735d2823bfc71b0e0987a63f8c4dd11130b2529e956f22 avast-gpg-key.asc
    • Add the GPG key
      cp avast-gpg-key.asc /etc/apt/trusted.gpg.d/
  3. Update the apt package information and install the software
    apt update
    apt install avast

Registering license

Follow the instructions provided by Avast to activate your purchased license. Currently (13.07.2023) you'll get an activation code with your purchase and need to obtain the license file with the avastlic utility:

avastlic -f /etc/avast/license.avastlic -c <YOUR-ACTIVATION-CODE>

The utility is in a debian package of its own (so you can also run it on a separate machine):

apt install avast-license

After enabling your license you need to restart the avast.service

 systemctl restart avast.service

Integration with Proxmox Mail Gateway

Enabling the Avast scanner in Proxmox Mail Gateway is achieved by editing the Promox Mail Gateway's configuration file /etc/pmg/pmg.conf and adding the line avast 1 to the admin section:

section: admin
	avast 1
	email admin@pmg.example

Finally you need to restart the pmg-smtp-filter service, or reboot your Promox Mail Gateway:

systemctl restart pmg-smtp-filter


Disable sending statistics and files to the Avast Virus Lab

By default avast sends files it considers suspicious and statistics to the Avast's virus lab. To disable this you need to edit the avast configuration /etc/avast/avast.conf:

# Avast configuration file
#
# Below are all available configuration options and their default values. Only
# the options in the OPTIONS section can be changed at runtime.

# RUN_DIR = "/run/avast"
# TEMP_DIR = "/tmp"
# DATA_DIR = "/var/lib/avast"
# SOCKET = "/run/avast/scan.sock"
# LICENSE = "/etc/avast/license.avastlic"
# WHITELIST = "/etc/avast/whitelist"
SUBMIT = "/bin/true"

[OPTIONS]
# CREDENTIALS = 0
STATISTICS = 0
HEURISTICS = 0
# STREAMING_UPDATES = 1
# REPUTATION_QUERIES = 1

[PACKER_BOMB]
# MAX_FILE_SIZE_TO_EXTRACT_MB = 1000
# MAX_COMPRESSION_RATIO = 100

Should you need further help, consider getting a enterprise support subscription