Architecture Overview

Once ESET Mail Security is successfully installed, you should become familiar with its architecture.

Figure 4-1. Structure of ESET Mail Security.


The structure of ESET Mail Security is shown in Figure 4-1. The system is comprised of the following parts:


The core of ESET Mail Security is the ESETS daemon (esets_daemon). The daemon uses ESETS API library and ESETS loading modules em00X_xx.dat to provide base system tasks such as scanning, maintenance of the agent daemon processes, maintenance of the samples submission system, logging, notification, etc. Please refer to the esets_daemon(8) man page for details.


The purpose of ESETS agent modules is to integrate ESETS with the Linux and FreeBSD server environment.


The utility modules provide simple and effective system management. They are responsible for system tasks such as license management, quarantine management, system setup and update.


Proper configuration is the most important aspect of your security system; the remainder of this chapter is dedicated to explaining all related components. A thorough understanding of the esets.cfg file is also highly recommended, as this file contains information essential to the configuration of ESET Mail Security.

After the product is successfully installed, all its configuration components are stored in the ESETS configuration directory. The directory consists of the following files:


This is the most important configuration file, as it controls all major aspects of the product’s functionality. The esets.cfg file is made up of several sections, each of which contains various parameters. The file contains one global and several “agent“ sections, with all section names enclosed in square brackets. Parameters in the global section are used to define configuration options for the ESETS daemon as well as default values for the ESETS scanning engine configuration. Parameters in agent sections are used to define configuration options of modules used to intercept various data flow types in the computer and/or its neighborhood, and prepare it for scanning. Note that in addition to the various parameters used for system configuration, there are also rules governing the organization of the file. For detailed information on the most effective way to organize this file, please refer to the esets.cfg(5) and esets_daemon(8) man pages, as well as relevant agents' man page.


This directory is used to store the certificates used by the ESETS web interface for authentication. Please see the esets_wwwi(8) man page for details.


This directory is used to store the product(s) license key(s) you have acquired from your vendor. Note that the ESETS daemon will check only this directory for a valid license key.


If enabled by the Scheduler task named License expiration,this script will be executed 30 days (once per day) before product license expiration, sending an email notification about the expiration status to the system administrator.


If enabled by the Scheduler task named Threat notification,  this script is executed in the event of a detected infiltration by the antivirus system. It is used to send email notification about the event to the system administrator.