Microsoft to kill popular Linux antivirus product (ComputerWorld)
Microsoft to kill popular Linux antivirus product (ComputerWorld)
Posted Jun 14, 2003 10:45 UTC (Sat) by tzafrir (subscriber, #11501)In reply to: Microsoft to kill popular Linux antivirus product (ComputerWorld) by smoogen
Parent article: Microsoft to kill popular Linux antivirus product (ComputerWorld)
Correct me if I'm wrong, but this product was configured so well with all those MTAs because it sits as the SMTP server (or rather: an smtp proxy).
Compare that to the recommended configuration of amavis, which is to use the filtering interfaces of postfix/sendmail/exim (no idea about qmail) and check the message while in the queue.
More pain to set-up, but then again, I don't have to trust a propriatary, closed-soruce program to be my SMTP server. Postfix does that much better, thank you.
Posted Jun 14, 2003 12:32 UTC (Sat)
by Soruk (guest, #2722)
[Link] (2 responses)
MailStripper uses the SMTP proxy route - it's an anti-spam filter but also does anti-virus (currently using F-Prot, if enabled). It's checked before your downstream MTA sees the message. So far not a single pathogen has got past it. It gets the AV scanner to look at the message, and parses the report to determine whether the email should be quarantined or not. This architecture should allow it to be expanded to pretty much any AV offering that can be run on the command line and generate a report. Currently only F-Prot is supported for AV scanning, but I hope to expand that... I understand what you're saying about not wanting to trust closed source software (yet you're still having to trust it to AV scan your mail) but so far attempts to persuade the local supermarket to accept source code for groceries have proved fruitless :(
Posted Jun 14, 2003 13:20 UTC (Sat)
by tzafrir (subscriber, #11501)
[Link]
BTW: amavis tries to use any possible scanner, including f-prot, and including clamav/openantiviros (actually there are a number of branches of amavis, and hence the "try"). Also, ease of installation is no excuse. I have seen linux distros integrate well components that were much more difficult to install (apache, anybody?).
Posted Jun 15, 2003 0:32 UTC (Sun)
by dskoll (subscriber, #1630)
[Link]
It gets the AV scanner to look at the message, and parses the report to determine whether the email should be quarantined or not. This architecture should allow it to be expanded to pretty much any AV offering that can be run on the command line and generate a report. This sounds like how MIMEDefang works, except MIMEDefang is GPL'd, and supports about a dozen virus scanners.
Before making my response, I must confess to being the developer of the software mentioned below. Which is why I'm not posting a link.Microsoft to kill popular Linux antivirus product (ComputerWorld)
What I mean is that the SMTP server is part of the the MTA. It's not just about spam/virii killing. What about the load incurd on my system? What about the paranoid design of qmail (which postfix tries to follow, rather well)? Microsoft to kill popular Linux antivirus product (ComputerWorld)
MailStripper, etc.