RE: mail antivirus

ClamAV. http://www.clamav.net/

Open Source. Virus definitions automatically updated with new definitions via freshclam. New strains added very quickly. Client / Server model.

We use a shell script to make clamscan work with maildrop xfilter and it works very well.

No complaints other than some issues with the code base evolving a little to quickly which can make it difficult to keep up to date (some newer virus definitions will not work with an older version of clamscan so you need to check the logs of freshclam occasionally for "WARNING: Your ClamAV installation is OUTDATED!" and update when needed).

Recently purchased by SourceFire (makers of Snort), so I figure that at some point there is going to be a fork in the signatures they provide to a similar structure as the Snort Rules (two or three tiers with paying customers getting access to the newest rules instantly). I should note that this is only conjecture on my part, but is something to keep an eye on.

Hope that helps.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of mircea
Sent: Wednesday, August 22, 2007 11:54 AM To: focus-linux@securityfocus.com
Subject: mail antivirus

Hello,

what kind of antivirus filter are you using on linux mail servers?

I appreciate solution names and a few words on why you're using it.

Thanks,
Mircea

• This message: [ Message body ]
• Next message: Stephen Summerfield: "Re: mail antivirus"
• Previous message: mircea: "mail antivirus"
• In reply to: mircea: "mail antivirus"
• Next in thread: Stephen Summerfield: "Re: mail antivirus"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]