Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
RE: [suse-security] Firewall/Virusscanner Conclusion
  • From: ralf.vroomen@xxxxxxxxx
  • Date: Tue, 5 Dec 2000 11:32:11 +0100
  • Message-id: <9112F4142CCDD111BA9C00062905319A021332CE@xxxxxxxxxxxxxxxxxxxxxxxxx>

>errm... AVP is definitely NOT free. I don't think you read the webpage very

>well :)

Ooops... ;) never saw that one. Deleting AVP while I'm typing this :)

>Neither is InoculateIT. Just cause you can download it doesn't mean that
>it's free.

The way I read their web site, for personal use it is.

>You can dl McAfee AV for Linux also, but you'll find them calling you after

>a few months
>of updates asking you to pay for a licence..

I hate McAfee!

>After looking at the current FAQ for Amavis
(http://www.amavis.org/FAQ.txt),
> I see that it still has the same limitation that made me use MFilter.
>(I used to use amavis on approximately 20 servers until I found MFilter)
>but pls correct me if the FAQ is out of date, as I know there are some
amavis
>developers on the list.
>The problem is that it can't seamlessly scan ALL mail relayed through the
>server.
>That being all inbound and outbound mail regardless if it's for local
>delivery or not.

Whell, the concept should be considered as *experimental* but this is from
the
README.sendmail:

[..snip..]
Scanning incoming/outgoing and relayed mail
-------------------------------------------

The concept for scanning incoming/outgoing and relayed mail is
different from the concept described in the AMaViS documentation.

We use two different setups (.cf files) for sendmail, one is the original
configuration, the second has a different Queue-Directory, another
status file and most importand a changed Rule Set 0 and the Mailer
Definition
AMaViS, so that AMaViS is always called first. If no virus is detect, then
we deliver the mail again to sendmail but we advise sendmail to use the
original configuration.
[..snip..]

>If you have a configuration where you need this (I have 100's of clients
>who do..)
>consider carefully b4 you use amavis as it will cause you alot of work.

My main concern is stopping incoming virus mails. Outgoing is optional and
_can_
be done with Amavis. And if the receiver has a incoming virus scanner there
would
be no need for an outgoing scanner.

>MFilter has the advantage of being a completely separate process to
>Sendmail/SMTPD
>and therefore is very flexible.....

Could jou supply me with an URL of this MFilter?


Thanx!

Ralf Vroomen
< Previous Next >