LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Security page

Recent Features

Tux3: the other next-generation filesystem

LWN.net Weekly Edition for November 27, 2008

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

[Posted July 2, 2003 by ris]

[This article was contributed by tummy.com]

With the purchase of RAV by Microsoft, many Linux email providers and ISPs, are looking for an affordable, reliable replacement for RAV Antivirus.

Kevin Fenzi, Senior Member Technical Staff of tummy.com, ltd. and the co-author of the Linux Security HOWTO, has reviewed some of the currently available alternatives.

Kevin evaluated the alternatives on several different criteria, including Pricing policy (unlimited use is better than a per-domain or per-user price), broad support for Mail Transport Agents, and ease of installation and configuration.

Criteria Used:

  • Pricing policy: Unlimited use got the highest score. Per-domain pricing was next best, and per-user pricing was last. Those products that did not have pricing information on their website received no score in this category.

  • Support for MTAs: A point was awarded for each of the popular Mail Transport Agents supported (Qmail, Postfix, Exim, SuSE, Sendmail+Milters, Sendmail, Dmail).

  • Ease of Installation: Is the product easy to download and install?

  • Ease of Configuration: Is the product easy to configure with your local MTA?

  • Scores are on a 'bad, fair, good, excellent' scale.

Read the full article here.

(Log in to post comments)

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 3, 2003 5:19 UTC (Thu) by grahammm (subscriber, #773) [Link]

He seems to have missed out a lot of virus scanners some of which, such as clamav, are completely free (GPL) and others such as B+BEDV offer free licences for personal use.

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 3, 2003 22:17 UTC (Thu) by nirik (subscriber, #71) [Link]

Yeah, there are a bunch more out there... I only reviewed the ones I could easily find. Additonal urls or the like welcome!
-kevin

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 4, 2003 7:34 UTC (Fri) by LenZ (guest, #1051) [Link]

Additonal urls or the like welcome!

Have a look at http://www.openantivirus.org/

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 6, 2003 20:23 UTC (Sun) by Soruk (subscriber, #2722) [Link]

Another: http://www.eridani.co.uk/MailStripper/

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 3, 2003 6:17 UTC (Thu) by RedHatOpus (guest, #4260) [Link]

One of my favorites is the Procmail Email Sanitizer, (http://www.impsec.org/email-tools/procmail-security.html).

Very customizable and highly accurate. Works well with attachments too.

Email scanning for email, fine - but the file shares?

Posted Jul 3, 2003 9:56 UTC (Thu) by kruemelmo (subscriber, #8279) [Link]

Though I find the article interesting, I wonder if these solutions are for email only.

On a typical small company server you would want email scanning and regular scanning on shared network drives. Does anyone, or the author?, know which of these products would also work as a "scan this direcotry tree" tool?

Even more interesting would be a tool which works together with samba and scans files when they are written to a network drive by a client.

Moritz

Email scanning for email, fine - but the file shares?

Posted Jul 3, 2003 22:18 UTC (Thu) by nirik (subscriber, #71) [Link]

All these solutions are with scanning email in mind.
There are some that do scan shares as well, but I wasn't looking for them in particular.
-kevin

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 4, 2003 7:31 UTC (Fri) by LenZ (guest, #1051) [Link]

A point was awarded for each of the popular Mail Transport Agents supported (Qmail, Postfix, Exim, SuSE, Sendmail+Milters, Sendmail, Dmail).

I beg your pardon, but what is the SuSE MTA?

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 5, 2003 10:18 UTC (Sat) by tlbdk (subscriber, #7785) [Link]

amavisd-new and clamav gets about 99% of all vira you would get today, but if you are in the need of also being proteced from all the old dos vira, you could drop in a comercial scanner, plus you get spam filtering for free with the built in SpamAssassin support. All free as in opensource. RAV stops Unix/Linux support, so what, allmost every other products provide support for Linux/Unix.

http://www.ijs.si/software/amavisd/

Email Virus Scanning for Linux: A review of alternatives to RAV Antivirus

Posted Jul 16, 2003 9:57 UTC (Wed) by mic (guest, #12966) [Link]

Sorry, but I strongly suggest not to rely on ClamAV or OpenAV to provide a reasonable level of security.

Note that the article ignores the most important aspect of antivirus software - the detection rates. Without good virus detection, a product is useless despite all its other excellent features.

Detection rates for OpenAV can be found on our website (http://agn-www.informatik.uni-hamburg.de/vtc/en0212.htm).
As ClamAV uses basically the same technology and virus definitions, results are certainly not much better (ClamAV will be included in our next test).

Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds