[plug] email virus scanning
Travis Read
travisr at rave.iinet.net.au
Mon Nov 26 08:21:31 WST 2001
Sophos is a good AV scanner for linux, the updated come as small .ide
files which update the virus scanner to support a particular virus. I
found this method of updating the virus scanner much better than download
a 3MB updated virus def each night. I use sophos AV with a perl scripts
called amavis perl. I'm also using qmail as my MTA and it all works
fine. The gateway computer is a Celeron 366 with 256MB of ram, the only
time it start to have load issues is when somebody mail bombs the
server. When this occures I just disable virus scaning for an hour or so
and it sorts itself out. amavis perl is a script which works with
sendmail/qmail/exim etc
sophos can be downloaded from:
http://www.sophos.com/downloads/products/unix.html
amavis perl can be downloaded from:
http://www.amavis.org/
Trav
On Mon, 26 Nov 2001, Adrian Woodley wrote:
> You may also have some joy with Sophos Antivirus (pick the re-seller :P
> ). It has pretty good linux support and you can plug it into pretty much
> anything (with a little scripting) that stores file - ie Squid, Exim,
> Samba, etc. Plus, if you get licenses for your workstations, the server
> is automatically covered. Just a though.
>
> Regards,
> Adrian
>
> Bernard wrote:
>
> >When I get around to it, a new gateway will be in order and due to a
> >virus scare today on numerous windows machines, it'll be having
> >email virus scanning implemented. I've had a look around and decided
> >to use MailScanner (http://www.sng.ecs.soton.ac.uk/mailscanner).
> >Anybody have any opinions on this or known catch-me-outs?
> >
> >I'm curious as how it uses McAfee. After much scrounging I found the
> >elnx4140.zip file from McAfee's FTP server, not mentioned on their
> >website. It contains a library called liblnxfv.so which I take it
> >is the scanning engine. I know I will find out when I install the
> >gateway, but do I need anything else such as an executable of some
> >sort to do the scanning?
> >
> >On a different note, one Windows ME machine downloaded 150MB worth
> >of updates over two nights without even telling anybody. Grrrr. Bye
> >bye $25 of downloads. Squid now blocks windowsupdate.microsoft.com.
> >Anyone with Me machines on the network, beware.
> >
> >Regards,
> >
> >Bernard.
> >
>
>
>
More information about the plug
mailing list