| |
| ¹ |
Description |
File |
Size |
Date |
| 1 |
IMailzip Antivirus, version 5.0.3.14 |
(Download) |
29 074 Kb |
1 Oct 08 |
| 2 |
IMailzip 5.0.1.4 user guide (html help file) |
(Download) |
228 Kb |
18 Jun 06 |
| 3 |
IMailzip 5.0.1.4 user guide (PDF file) |
(Download) |
285 Kb |
6 Jan 06 |
| 4 |
IMailzip + ClamAV update, version 5.0.3.9 |
(Download) |
1 385 Kb |
1 Nov 07 |
Operation system (tested on server and workstation boxes):
Windows NT4, Windows 2000, Windows XP, Windows 2003 Server
Hardware:
CPU 500-1200 MHz
RAM 128-256 Mb
Additional software:
Ipswitch Imail Server installed
- ImailZip antivirus has been divided into 3 logical parts: Manager,
Daemon, Scanner. Anti-virus engine has also been moved to independent
module.
|
Application
|
Main functions
|
| IMailZip Manager |
- Setting users and domains configuration
- Anti-virus, anti-spam checking, zip compression, etc. for local
users mbx files only
- Extra functions (passwords dump, etc.)
|
| IMailZip Daemon |
- Detecting a new messages in spool directory and execute scanner
for each new e-mail
|
| Antivirus engine |
- Receiving requests from Imail Server side scanners and response
the scanning results over TCP socket
- Either Kaspersky Engine or ClamAV engine module
|
| IMailZip Scanner |
- Performing anti-virus, anti-spam checking, zip compression,
etc. only for spool messages. It takes only global domain configuration
settings. Per/user options currently unsupported in scanner. You
need to implement per/user feature only in Manager module.
- Sending request and receiving response from standalone anti-virus
engine over predefined TCP host and port. ClamAV open source engine
module support enabled.
|
- Good virus and spam detection quality
- Compress attachments for dial-up users
- Remove viruses and spam messages carefully from mbx files
- Integrate with any Ipswitch Server in plug-and-play mode easy and
fast
- Replace antivirus engine from Imail Server box to save CPU time
- Set individual configuration for particular domain or user
 |
In short, the working algorithm of imailzip is the following:
- IMail Server receiving a new mails and place them to the spool
queue.
- IMailZip Daemon detect a new message in queue and execute Scanner
- IMailZip Scanner sends request to Antivirus Engine and receive
a response. Depends on response result the Scanner either remove
or proceed current e-mail
- After e-mail arrives to end users mailbox the IMailZip Manager
perform similar to Scanner tasks but on mailbox level for selected
users.
|
This needs appear when you try to receive incoming messages remotely
through GPRS or dial-up. Usually it is time consuming to download big
(none-zipped) messages from users. In this way it is very cozy to receive
25 Kb message instead 650 Kb. But in local network it is not critical.
However, in some cases it is prevent automatic start up executable
attached files. So any binary executable attached file appear in zip
archive instead ready for execution [.exe]. Also, you can set password
to any of your incoming attachments to increase security.
Would you like to compress attachments for archive or none-used mailboxes?
This option is right for you.
Nowadays, unwanted mail is a kind of problem. There are no complete
solutions but, most e-mail systems support checking incoming mail in
open relays databases. There are many different hosts support free blacklist
service, among them: bl.spamcop.net, relays.ordb.org and so on. The
one else problem is that most server add-ones by default replay to senders
about open relay and viruses. So in this way you have unexpected traffic.
The best solution from my opinion is to keep your system silent on spam
and viruses.
To use anti-spam option you must specify blacklist hosts, separated
by semicolon(;) or comma(,) and set spam checking option to "on".
The program send for each mail request to DNS server on 53 port and
receive response to 1053 port. Each request time-out is 2 sec. If host
is unavailable the mail status is "not a spam". Request sends
by default to your ISP, and depends on your current DNS configuration.
As a rule, there are more than one DNS servers in your TCP/IP configuration.
So the program takes a first item from DNS list. Unfortunately, if your
primary DNS server is unavailable the antispam feature will be ignored.
So if you wish to send request to another DNS server change your current
TCP/IP configuration.
This option support only blacklist hosts with DNS response like a.b.c.d
A 127.0.0.X, where X in [0..9]
List of recommended DNS-based Spam Databases
with 127.0.0.X response:
blackholes.five-ten-sg.com, bl.spamcop.net, sbl-xbl.spamhaus.org,
spamguard.leadmon.net, dnsbl.njabl.org,
relays.ordb.org, bl.csma.biz, bl.deadbeef.com, blackholes.mail-abuse.org,
dnsbl.antispam.or.id,
dnsbl.cyberlogic.net, dnsbl.sorbs.net, relays.mail-abuse.org, relays.visi.com,
relaywatcher.n13mbl.com, sbl.csma.biz
Anti-spam option is not system resources consuming and each mail treatment
time will not be more than 2 sec per blacklist host. But recommended
amount of spam hosts is 3-6 per user depends on available ISP channel.
If the system detects spam there are following possible actions performs:
1. Modify Subject "Spam from relay: ipaddress.orbl.host"
2. Delete Message on the fly
3. Add header entry "X-ImailZip-Spam: ipaddress.orbl.host"
If you wish to ignore delete message for some mail senders addresses
you should specify them in "Trusted" page. There are two ways
to configure trusted senders; first is the domain name address configuration.
Please refer the following trust pattern to configure senders address:
myfriend1@myhost.com
myfriend2@myhost.com
*@myhost.com
myfriend@myhost.??
Where:
* - any amount of any symbols
? - any one symbol
The second way is to specify an ip-address or group of ip-addresses
that the program will ignore.
KillFile
Version 4.3.0.9 and later support KillFile option. To enable KillFile
please refer to:
LOCAL_MACHINE\Software\ImailZip [KillFile] parameter
If the following parameter does not exist, create it as a string. Specify
the correct path and file name to KillFile. Enter desired e-mail addresses
to reject, each address in new line.
- userid@host
For example, to deny access from a user mail account, enter: fred@widget.com
- @host
For example, to deny access to all users from the mail host widget.com,
enter: @widget.com
- @*partialhost
For example, to deny mail from any mail host ending in widget.com,
enter: @*widget.com. This will reject all mail from widget.com, bluewidget.com,
nifty.widget.com, etc.
For more information about file syntax read Ipswitch Imail Server help
"Creating and Editing the SMTP Kill file".
$MiddleDigitUser
Most spam programs generate a random sender's username in the following
format:
\D+\d+\D+
where:
\D+ one or more non-digit symbols
\d+ one or more digit symbols
Enter the $MiddleDigitUser into KillFile to reject user names with
this format. For example:
sdf89sdfg@domain.com - rejected
234sdf@domain.com - ok
kljh345@domain.com - ok
Version 4.2.2.0 and later support web logging option. It means that
you can monitor imailzip events over http. To use this option please
refer to:
LOCAL_MACHINE\Software\ImailZip [WebPath] parameter
If the following parameter does not exist, create it as a string. Specify
the correct path and file name to your http server's directory. For
example d:\Program Files\Apache\htdocs\myzip-log.html or \\mywebpc\mywebdir\anyfilename.html
All new events you can monitor over this web page.
Note: to use this option you should be familiar that you have a correct
web server installed on your PC and all restrictions applied successfully
to prevent unauthorized view of that page.
Version 4.3.0.8 and later support Mail2sms forwarding option.
This option will work only if your gsm provider supports email2sms
option. It means that if you send a message to particular mailbox (yournumber@yourgsm-operator.com)
you will receive this message as SMS. So, please contact your operator
to ensure that you can receive SMS through e-mail properly.
Create file sms.txt in imailzip root directory. Enter valid
e-mail address and forwarded e-mail address separated by colon (:) Example:
myuser1@mydomain.com:79134578452@cellular.com
myuser2@mydomain.com:79134578453@cellular.com
Note: you can design this file at runtime. You do not need to restart
software.
The feature of that option is that you will receive a whole message
at your mailbox and the copy of that message will delivered to your
operator's mailbox with NULL body, so only header of the message will
arrive to your mobile device. Also you can read the entire size of the
message in bytes in the subject line. You will receive only clear from
spam and virus messages.
Version 4.3.0.8 and later support wap browsing option. It means that
you can monitor imailzip events over your mobile device. To use this
option please refer to
LOCAL_MACHINE\Software\ImailZip [WapPath] parameter
If the following parameter does not exist, create it as a string. Specify
the correct path and file name to your web server's directory. For example
d:\Program Files\Apache\htdocs\mywaplog.wml or \\mywebpc\mywebdir\anyfilename.wml
Note: to use this option you should be familiar that you have a correct
web server installed on your PC and all restrictions applied successfully
to prevent unauthorized view of that page.
Note: last 100 records of log available only
To configure ImailZip Monitor please make sure that you have set the
following parameters:
LOCAL_MACHINE\Software\ImailZip
MonitorInterval [DWORD] Repeat interval in milliseconds
PurgeLogsAfterDays [DWORD] Number of days after delete the log file
MonitorExecPath [STRING] Path to file to execute
Version 5.0.0.8 and later support automatic selection of antivirus
engine and forward scanner connection to it. For example, you may configure
the primary antivirus engine and secondary engine for backup purposes.
And if the primary engine going shutdown the izmonitor service automatically
update connection settings for izscanner in order to connect to secondary
engine.
To enable the connection forwarding feature you must create file hosts.txt
in imailzip root directory. Then enter the value of host and port separated
by colon (:). Example:
127.0.0.1:3385
192.168.1.2:3385
192.168.1.4:3385
and etc
In this example the izmonitor will check the connection every MonitorInterval
value milliseconds and if the connection failed it will try to connect
to the second configuration line and etc. Please make sure that you
have enter valid MonitorInterval value to complete all izmonitor tests.
Otherwise the monitor will have a cyclic error since it will start to
perform the test from the beginning but the previous test is still did
not finished.
The monitor service will check the connection between ImailZip Daemon
and antivirus engine. If one of those services did not respond the monitor
service will execute the file specified in MonitorExecPath parameter.
Finally after alert the izmonitor service stop itself.
If you would like to purge izMMDD.log files in your ..\logs director
you may specify the PurgeLogsAfterDays parameter. Enter the number of
days after delete the log file from ..\logs directory automatically.
Before install IMailZip Antivirus you must have properly installed
Imail Ipswitch software.
- Download and install IMailZip antivirus.
- Download and install desired Antivirus Engine. Currently there are
two engines supported: Kaspersky Engine and ClamAV engine.
In both cases, there are no additional requirements, just start installation
file and wait until the end of the setup process. To install ClamAV
engine for Windows read the appropriate installation instruction.
Kaspersky Engine installation
- Close all imailzip anvitirus programs and stop all imailzip antivirus
services
- Uninstall software
- Restart computer
- Open service manager and ensure that there is no ImailZip Services
installed. Otherwise remove them manually and restart computer again.
- Install the kaspersky engine into any directory
- Start the kaspersky GUI (kengine.exe). If you have any errors please
contact our support team.
- Set correct host and port. By default 127.0.0.1:3385
- Restart the engine
- Set the LiveUpdate interval
- Restart the engine again and ensure that you have no errors.
ImailZip Antivirus installation
- Install the imailzip antivirus to any directory.
- After installation execute izmanager.exe module.
- Open the "Scanner settings" tab and enter valid host
and port to connect to avp engine.
- Press "Test scanner" to ensure that you have a properly
established connection. After that you must receive EICAR virus result.
- Press register button and enter the registration keys (domain\key)
- Restart the software
Spool scanner Installation
- Go to the users tree and select any domain. Select the desired
options.
- Go to "Scanner settings" tab. Press Start/Stop spool
scanner button. If you have a error, open Service Manager and try
to start the IMailZip Daemon service manually.
- Open ..\logs directory and watch the spool events
All imailzip configuration parameters (except KillFile and sms.txt)
you can find at registry tree:
HKEY_LOCAL_MACHINE\Software\Imailzip
| Parameter |
Type |
Default value (Integer) |
Description |
| Keywords |
String |
failed, invalid, bogus, rdeliver, ERR |
Syslog viewer select all strings from sysmmdd.txt file,
depends on either keyword found or not |
| IgnoreMbxAfter |
DWord |
2048 |
If the value of users mailbox is higher than IngoreMbxAfter
parameter then IMailZip Manager will ignore local mailbox scanning
for that box |
| Codepage |
String |
windows-1251 |
To implement zip and copy functions the program convert
filenames depends on the Codepage parameter and than save it to disk |
| MailboxList |
String |
main.mbx |
List of mailboxes, separated by comma, to scan for IMailZip
manager module |
| ScannerPort |
DWord |
3385 |
The value of TCP port which IMailZip Scanner takes in
order to connect to Antivirus Engine |
| ScannerHost |
String |
127.0.0.1 |
The value of TCP host which IMailZip Scanner takes in
order to connect to Antivirus Engine |
| BackupPort |
DWord |
Undefined |
The value of TCP port in order to perform the backup
request to obtain the valid information. Used when the primary engine
is in shutdown or in the case of the failure, timeout or unknown response.
Create this parameter manually if you want to use this feature. Before
using please install the secondary engine first. |
| BackupHost |
String |
Undefined |
The value of TCP host in order to perform the backup
request to obtain the valid information. Used when the primary engine
is in shutdown or in the case of the failure, timeout or unknown response.
Create this parameter manually if you want to use this feature. Before
using please install the secondary engine first. |
| NetworkTempPath |
String |
Undefined |
Define the absolute network path to iMailZip Daemon
temporary directory
(e.g. \\mailserver\c$\imailzip\tmpdir ).
Necessary to implement the replacement of Antivirus Engine from Imail
machine to another. Also, in the case of using the single AV engine
with multiply mail servers. |
| DSizeLimit |
DWord |
2097152 |
Define the maximum size in bytes of incoming spool message.
If the mail size value exceed this parameter the Scanner will ignore
this mail. |
| WholeLimit |
DWord |
131072 |
The value in bytes which define the size limit of incoming
mail. If the mail size exceed this value the scanner will pass whole
mail content to Antivirus engine to increase performance |
| Base64Limit |
DWord |
65536 |
The value in bytes which define the base64 size limit
of incoming mail. If the mail size exceed this value the scanner will
pass whole mail content to Antivirus engine to increase performance
only if there are no base64 decoded parts found |
| EventReload |
DWord |
5000 |
The value in milliseconds which define the timer interval
to reload imailzip.log file for IMailZip Manager module. 0 means disable
reload. |
All other options are available from GUI interface:
| Parameter |
Description |
| IMAILZIP MANAGER MODULE |
| Copy attachments to folder |
Toggle this checkbox if you wish to copy all decoded
attachments to specific folder. Note that this option may copy whole
mail content if you choose this option globally for iMailZip Scanner
module when the size of e-mail is higher than WholeLimit parameter.
iMailZip Manager will copy the extracted attachments anyway independently
on WholeLimit parameter. |
| Apply to domain |
Toggle this checkbox if you wish to enable domain options
to all users of that domain. In this case all individual options for
users will be ignored. |
| Check for viruses |
Toggle this checkbox to enable virus scanning for iMailZip
Scanner and iMailZip manager modules for selected domain or user |
| Do not remove suspicious |
Toggle this checkbox if you want to disable deletion
of suspicious mail objects. In this case the subject for that mail
will be overwritten with warning message |
| Compress attachments |
Toggle this checkbox if you wish to compress all attached
data within e-mail. Note that this option may compress whole mail
content if you choose this option globally for iMailZip Scanner module
when the size of e-mail is higher than WholeLimit parameter. The default
name of the zip archive is msg.zip |
| Set password |
Enter the password for Compress attachments option.
All archives will be protected with the password value. Leave it blank
to disable password issue. |
| Check for SPAM |
Toggle this checkbox if you wish to send a UDP request
to the list of RBL hosts for the specific domain or user. If the result
is the positive the mail will be marked as spam and selected action
will be implemented |
| Action to be taken on spam e-mail |
Select desired action for spam market emails. Delete
- will remove the spam messages on-the-fly. Modify Subject - will
rewrite the subject for the e-mail as "SPAM from relay: ip address".
Insert X-Header: will insert the X-Header: ip.address string into
e-mail envelope. |
| Enable parsing syslog |
Toggle this checkbox if you wish to parse and print
out to the screen the content of sysmmdd.txt file, depends on Keywords
parameter. |
| If rdeliver exceed |
This value define the limit for remote deliveries. If
your server deliver more than that value to remote servers and pause
checkbox toggled, in this case smtpd32.exe service will be in paused
mode for selected interval. There are following values possible [0..14],
where 0 is the lowest limit = 5 msg and 14 is the highest limit =
1000msg |
| Per interval |
Define the interval to count for remote deliveries.
There are following values possible [0..7] that is equal to [1min
.. 60min] |
| Pause SMTP |
Define the pause for smtpd32.exe service in minutes.
There are following values possible [0..9] that is equal to [1min
.. 60min] |
| Antivirus engine host |
The host value for iMailZip Scanner to connect to Antivirus
engine |
| Antivirus engine port |
The port value for iMailZip Scanner to connect to Antivirus
engine |
| Min (threads) |
This options specify the minimal value of the same time
processing threads for local mailbox scanning. Each thread takes a
separate mailbox. |
| Max (threads) |
This option specify the maximum value of the same time
processing threads for local mailbox scanning. Each thread takes a
separate mailbox. |
| CPU limit |
This option defines the value in % of processor utilization.
If the value of processor is higher than the CPU limit parameter in
this case the iMailZip Manager paused the local mailbox scanning. |
| Enable local mbx files scanning |
Toggle this checkbox to allow to load and scan local
mbx files (by default main.mbx) to find viruses and perform other
selected operations |
| Start Scanning (button) |
Allow to scan local mbx files and detect
new messages in mailboxes |
| Rescan mailboxes (button) |
Press this button if you wish to rescan
all mailboxes and drop gathered mailbox size parameters |
| Stop Process (button) |
Press this button to disable local mailbox
scanning, until Start Scanning button pressed |
| Open Website (button) |
Go to http://imailzip.com website for news
and updates |
| About (button) |
Show current version and credits information |
| Extra options/Save structure (button) |
Save users and domains as a plain text file
as is |
| Extra options/Dump emails (button) |
Save all emails to text files in user@domain
format |
| Extra options/Dump passwords (button) |
Save all emails and appropriate passwords
in text format |
| Extra options/Show password (menu) |
Show password for selected user |
| Extra options/Check selected box(menu) |
Force scanning of selected mailbox from
the first message in box |
| KASPERSKY ENGINE MODULE |
| KAV_O_M_PACKED |
To make active a mode of scanning of the
packed executed files. |
| KAV_O_M_ARCHIVED |
To make active a mode of scanning of the
archives. |
| KAV_O_M_CA |
To use the heuristic analyzer of a code,
for searches of unknown viruses. It is recommended to use. |
| KAV_O_M_MAILBASES |
To make active a mode of scanning of mail
databases. |
| KAV_O_M_MAILPLAIN |
To make active a mode of scanning of the
post messages. |
| KAV_O_M_WARNINGS |
Makes active the additional mode of scanning. |
| KAV_O_M_REDUNDANT |
To use redundant scanning, for search of
viruses in the damaged and spoiled files. Slows down process of scanning
many times over. It is not recommended to use. |
| Scanner timeout |
Time allocated for scanning of object. On
reach for this time the scanning of object will be stopped. |
| Scanner priority |
The scanning priority. The following variants
of priorities are possible: high, normal, low. |
| Scanner host |
Enter the value of interface to bind. By
default the value is 127.0.0.1. If you wish to bind to another interface
enter appropriate value. |
| Scanner port |
The value of port to listen for iMailZip
Scanner requests. |
| Download every |
LiveUpdate parameter to automatically update
antivirus definitions. The following parameters are possible: never,
30 minutes, 1-6 hours. |
WestSib Software Lab is a software company resides in Western Siberia,
Novosibirsk. The company mission is to help mail system administrators
reject unwanted mail and protect intranet networks from viruses.
Please, send us your questions, bug report or any other information
as a plain text. If you wish to receive a feedback make sure to enter
your e-mail address or phone.
For quick online assistance please use the following ICQ number
152736960
Russian Federation,
630111, Novosibirsk, Tankovaya 72, 53
Director: +7 913 4534705
Office phone/fax: +7 383 2760541 (5 channels)
E-mail: support@imailzip.com
Please note that our time zone +06 GMT
Copyrights, (c) Dmitri Elgin 2003
Powered by WestSib Software Lab Inc.
|
 |
top page
|
){kind=link}