Re: antivirus for FreeBSD mail server?

From: Pat Lashley (patl+freebsd_at_volant.org)
Date: 09/25/03

    Date: Thu, 25 Sep 2003 01:25:38 -0700
    To: Armand Passelac <apasselac@free.fr>, srenna@vdbmusic.com
    
    

    --On Thursday, September 25, 2003 09:39:12 +0200 Armand Passelac
    <apasselac@free.fr> wrote:

    > [---- On Wed, 24 Sep, 2003 at 15:58, srenna@vdbmusic.com wrote: ----]
    >> What do you think of Clam so far?
    >> I'm interested in checking something out
    >
    > It's a good and free product.
    > It seems to work well.
    >
    > But it's only a detection program. On the contrary, some other programs
    > like Sophos, Trend Micro, ... allow you to clean/put in quarantine/notify/

    If your MTA is Exim, with the ExiScan-ACL patches (installed by
    default by the FreeBSD port), then the ACL statement that passes
    the message to clamav can choose to quarantine/notify/etc. You
    can even choose to return an error condition to the sending MTA
    but really keep/deliver/quarantine a copy of the message. (One
    of the nice things about Exim and ExiScan-ACL is that you can
    run the filters, and various other built-in tests, and reject the
    message while the SMTP session is still open. So you don't wind
    up queuing bounces to forged from addresses.)

    I'm not sure whether it can be set to just remove/replace the
    offending attachment. (I just reject any message that clamav
    says has a virus. But since I also use the ExiScan-ACL code
    to reject any message with a dangerous attachment(*), very few
    viruses manage to make it to the clamav check.)

    (*) In this case dangerous is defined as having one of the file
    extensions that Microsoft has identified as 'dangerous' and
    recommends blocking: scr, vbs, bat, lnk, pif, adt, adp, bas, chm,
    cmd, com, cpl, crt, exe, hlp, hta, inf, ins, isp, js, jse, mdb,
    mde, msc, msi, msp, mst, pcd, reg, sct, shs, shb, url, vb, vbe,
    wsc, wsf, wsh

    -Pat
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
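
The extension-based rejection described in the message above, as an added example that is not part of the original post and is not Exim or ExiScan-ACL code: a Python check that walks a message's MIME parts and returns an SMTP-time verdict. The function names, the reply text and the sample message are constructed for illustration; the extension list is the one given in the post.

```python
from email import message_from_bytes

# Extension list copied from the post above.
BLOCKED = frozenset(
    "scr vbs bat lnk pif adt adp bas chm cmd com cpl crt exe hlp hta inf ins "
    "isp js jse mdb mde msc msi msp mst pcd reg sct shs shb url vb vbe wsc "
    "wsf wsh".split())

def blocked_ext(filename):
    """True if the final extension of filename is on the block list."""
    # Case-insensitive; trailing dots/spaces are dropped because Windows
    # ignores them when the file is saved ("run.exe." becomes "run.exe").
    cleaned = filename.strip().rstrip(". ").lower()
    if "." not in cleaned:
        return False
    return cleaned.rpartition(".")[2] in BLOCKED

def blocked_attachments(raw):
    """Return the filenames of all MIME parts with a blocked extension."""
    hits = []
    for part in message_from_bytes(raw).walk():
        # get_filename() reads Content-Disposition "filename" and falls
        # back to the Content-Type "name" parameter.
        name = part.get_filename()
        if name and blocked_ext(name):
            hits.append(name)
    return hits

def smtp_verdict(raw):
    """Reply to give after DATA, while the SMTP session is still open."""
    hits = blocked_attachments(raw)
    if hits:
        return "550 blocked attachment type: " + ", ".join(hits)
    return "250 OK"

# Constructed sample: a double extension declared only in Content-Type,
# plus a harmless PDF declared in Content-Disposition.
SAMPLE = (b'From: sender@example.org\nTo: rcpt@example.net\n'
          b'Subject: constructed test\nMIME-Version: 1.0\n'
          b'Content-Type: multipart/mixed; boundary="b1"\n\n'
          b'--b1\nContent-Type: text/plain\n\nhello\n'
          b'--b1\nContent-Type: application/octet-stream;'
          b' name="report.pdf.ScR"\n\nAAAA\n'
          b'--b1\nContent-Type: application/pdf\n'
          b'Content-Disposition: attachment; filename="notes.pdf"\n\nAAAA\n'
          b'--b1--\n')

if __name__ == "__main__":
    print(smtp_verdict(SAMPLE))
```

Only the last extension is compared, so `report.pdf.ScR` is caught while `notes.pdf` passes; a message that passes this check would still go on to the virus scanner.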

