RAV AntiVirus v8 for the Courier MTA
====================================
Contents:

1. Hardware requirements
2. Software requirements
3. Installed files
4. Configuration
5. Updating
6. Start/Stop RAV AntiVirus daemon
7. Registration

1. Hardware requirements
========================
	- Compatible Intel CPU (>= 150 Mhz)
	- RAM >= 32 Mb

2. Software requirements
========================
	- Courier MTA version >= 0.38.0
	- Linux kernel version >= 2.2
	- glibc version >= 2.1.3
	- rpm version >= 3.0
	- zlib version >= 1.1.3-6
	- ravcore version >= 8.9
	- ravmd version >= 8.4
	- ravcourier version >= 8.4
	- in order to send warning mails as set in scanning configuration, you
	must have a MTA running on local machine and listening on port 25.

3. Installed files
==================
	The rpm files provided will install on your computer the following
	directories, files and accounts:

ravms				#an user account used to send warning mails when a virus
				#was found (if you set this option)
/etc/rc.d/init.d/
/etc/rc.d/init.d/ravmail	#this script will start the
				#daemon (for RedHat)
				#for other distributions see section 6 below
/etc/rc.d/rc3.d/
/etc/rc.d/rc3.d/S75ravmail	#link to the above script
/etc/rc.d/rc5.d/
/etc/rc.d/rc5.d/S75ravmail	#link to the above script

/opt/rav
/opt/rav/bin/
/opt/rav/bin/ravmd		#RAV daemon, it load the RAV
				#engine and scans for viruses
/opt/rav/bin/ravmdupdate.sh	#a script used for daily updates
/opt/rav/bin/ravcourier		#external filter
				#executed by the Courier MTA
/opt/rav/bin/ravav		#an executable which can be used
				#to scan files on the hdd  					
				#type 'ravav -h' for help
/opt/rav/bin/ravupdate		#the utility program used to download
				#the latest files (virus definitions,
				#scanning engine and programs)

/etc/opt/rav
/etc/opt/rav/ravmd.conf		#configuration file for ravmd

/var/opt/rav
/var/opt/rav/ravmd.key		#key registration file for ravmd
/var/opt/rav/run/		#contains RAV sockets and pid files
/var/opt/rav/bulk/		#keeps saved bulk mails
/var/opt/rav/log/		#default location of log files
/var/opt/rav/tmp/		#temporary mail files
/var/opt/rav/quarantine/        #by default here are saved
				#the infected/suspicious files
/var/opt/rav/rave/              #the directory where the RAV engine is installed
files /var/opt/rav/rave/*	#engine and databases files

	If RAV AntiVirus scanning daemon (ravmd) is started with the '--syslog'
	parameter in the command line it will log messages in the system mail
	info log  file (see value for mail.* or mail.info from 'syslog.conf'
	file). Keep an eye on that file to watch   over the scanning process.
	Otherwise, by default, the log files are located in the
	/var/opt/rav/log/ directory. 

4. Configuration
================
	Filter configuration:
	---------------------
	The RAV filter for Courier (ravcourier) starts with the following
	parameters by default:
	working threads: 20
	maximum accepted conections: 100
	install in the 'allfilters' directory: yes
	filters root directory: /usr/lib/courier/var
	queue directory: ""

	If you want to modify some of these parameters then you have to
	edit the /etc/opt/rav/ravcourier.conf file and reinstall
	the filter:
	/usr/lib/courier/sbin/filterctl stop  ravcourier
	/usr/lib/courier/sbin/filterctl start ravcourier

	Daemon configuration:
	---------------------
	Configuration resides in /etc/opt/rav/ravmd.conf file. RAV
	AntiVirus scanning daemon (ravmd) reads this configuration when it is
	started or restarted. So if you modify something in ravmd.conf then
	you must send a HUP signal to ravmd (see section 6).

	Please read ravmd.conf(5) man page and the comments from ravmd.conf
	file for more information.

5. Updating
===========
	We provide daily updates for viruses signatures databases.
	Automatic update:
	If you have installed RAV with rpm then in /etc/cron.hourly/
	or /etc/daily should be a shell script (ravmdupdate.sh).
	This program takes care of downloading files and
	restarting RAV AntiVirus scanning daemon. The results of these
	processes will be sent to an e-mail account specified in
	ADMIN_ADDRESS variable from the	ravmdupdate.sh script.

	Manual update:
	From a root prompt run:
	/opt/rav/bin/ravupdate
	or use the old update function from 'ravav':
	/opt/rav/bin/ravav --update engine

	After the update process successfully completed you must
	restart the daemon:	 
	/etc/init.d/ravmail restart
	or
	killall -HUP ravmd

	You DO NOT need to stop the mail server when restarting
	the RAV AntiVirus scan daemon.

6. Start/Stop RAV AntiVirus daemon
==================================
	The daemon must be restarted after every databases updates or every
	modification in ravmd.conf file.

	The daemon starts with:
	/etc/init.d/ravmail start	(in RedHat)
	or
	/opt/rav/bin/ravmd	(in other Linux	distributions)

	You can restart ravmd with:
	/etc/init.d/ravmail restart        (for RedHat)
	or
	killall -HUP ravmd		(in other Linux distributions)

	If you can't use the 'ravmail' script to start 'ravmd' then you must
	add line: 	
	/opt/rav/bin/ravmd
	to one of your boot scripts, so that the RAV AntiVirus daemon starts
	when your system reboots.

7. Evaluation
=============
	By downloading the evaluation version from 
	http://www.ravantivirus.com you will be able to use all the
	functions of the product (scanning, cleaning, daily updates) for
	30 days and for two different mail domains specified in the configuration
	file.

VERY IMPORTANT:
	For RAV, a 'domain' is the string following the '@' symbol in an e-mail
	address.

8. Registration
===============
	After evaluation you may purchase the product to work for a
	number of mail domains. The price is scalable to the number of 
	domains	protected by RAV AntiVirus. After purchase you'll receive 
	an activation key from GeCAD Software which will enable you to 
	configure the antivirus for the specified number of domains.

	The activation key will be sent to you by e-mail as a file which
	should be copied in the /var/opt/rav/ directory.
	After you copied the key file you must restart RAV AntiVirus
	daemon:
	killall -HUP ravmd
	Look in mail log file to see if registration was successfully
	finished.
