1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Dr Web does not appear to be doing anything

Discussion in 'Plesk for Linux - 8.x and Older' started by timbr8ks, Feb 23, 2005.

  1. timbr8ks

    timbr8ks Guest

    0
     
    So I paid the licensing fee for Dr. Web, but standard viruses still are coming through and being picked up by Norton. In fact, I can't find any evidence that Dr. Web is doing anything.

    How do I determine if Dr. Web is catching any viruses at all? If it's not, how do I get it moving?

    I'm a Web guy, not a server guy, so please respond as if I know very little.

    Thanks.
     
  2. zacpac

    zacpac Guest

    0
     
    you say you have purchased the licence, have you acutally installed it ?

    and if so do you have the following file

    /opt/drweb/drweb32.key

    as this is where the drweb key should be

    if that is not installed it will only support 15 mailboxes.
     
  3. timbr8ks

    timbr8ks Guest

    0
     
    Using the PSA interface, I certainly THOUGHT I had installed it. The file you mention, however, is not in place. Still, my Plesk License key says:

    Ability to use Dr.Web antivirus On

    The key shows up under "Additional keys", it's listed under my Plesk components, and it says it's running under Services Management.

    Is there something more I'm suppoesed to do? Unfortunately, http://www.drweb.com appears to be down.
     
  4. zacpac

    zacpac Guest

    0
     
    yeah i had a similar problem to the one that your having it seems that drweb needs its own key that doesn't seem to be supplied by the plesk interface.

    have a look at the file drweb32.ini which you can do using the following command

    more /etc/drweb/drweb32.ini

    find the section to do with the key files you will find this

    ;Key = {path to the file, usual extension is key }
    ; Location of the file with the registration key. You may specify
    ; relational path, but it is strongly recommended to make it
    ; absolute.
    Key = "/opt/drweb/drweb32.key"

    ;PleskPublicKey = {path to the file }
    ; Location of the file with the Plesk public RSA key. You may specify
    ; relational path, but it is strongly recommended to make it
    ; absolute.
    PleskPublicKey = "/etc/drweb/plesk.key"

    as you can see it looks to me like it is using 2 keys the plesk public key for something and also the drweb32.key

    also if you restart drweb and check /var/log/messages it will tell you if drweb is licenced or not

    do you have a drweb32.key ?? if you do all you need to do is to upload it to you server put it in the correct location and restart drweb

    if you don't have one i am guessing that you will need to contact your hosting provider or plesk

    i purchsed my key through ev1 and they sent the key to us to upload ourselves
     
  5. Whistler

    Whistler Guest

    0
     
    Another thing: have you updated the virusdefinitions base? Remember to run the drweb/update/update.pl script once in a while.

    (I run it with Cron about every 3 hours - sometimes DrWeb releases more than one defintion file a day).

    I've just made a test today - with an old email account where I get about 2-300 spam/virus mails a day - and DrWeb found and removed all mails with virus so far...
     
  6. leobag

    leobag Guest

    0
     
    So, if we don't pay for Dr.Web, we can still use it on 15 mailboxes?
    +
     
  7. zacpac

    zacpac Guest

    0
     
    i don't want to say yes but thats the way that it looks like to me you however from my testing have no control over which 15 mailboxes, and you also need your plesk key to say drweb yes

    i got more that 15 boxes i need covered though ;-) alot more
     
  8. leobag

    leobag Guest

    0
     
    is there anywhere that shows who is using the service?

    Or is the only way to tell is to look at the log file (drwebd.log), where it says "Daemon is enabled for protecting 9 e-mail`s:" (and then it lists the emails)?

    Is there a way to turn Dr.Web off completely so it doesn't interfere with anything (like qmail)?
    +
     
  9. zacpac

    zacpac Guest

    0
     
    i got that information from /var/log/messages at the time of start up.

    if you don't enable any mailboxes the log shows that it was an email address not to be checked and lets it through

    if you want to make sure that nothing is being checked then uninstall the rpm
     
  10. leobag

    leobag Guest

    0
     
    i had some concerns about uninstalling that I voiced in another thread . I just don't want to break anything.
    +
     
  11. wharfratjoe

    wharfratjoe Guest

    0
     
    ok here is a newbie question. what are the correct parrameters to setup a cron job for drweb to check for updates?
     
  12. Whistler

    Whistler Guest

    0
     
    I just have this crontab set for root:

    0 */3 * * * /usr/local/drweb/update/update.pl

    This will run the update.pl script every three hours starting at 00, 03, 06, 09, 12 etc.
     
Loading...