[ILUG] Re: anti-virus scanning
lhecking at nmrc.ie
Tue Nov 20 17:44:50 GMT 2001
> just in on linuxtoday.com
> virus scanning stuff ...
Crap. Over-complicated (store and forward; requires cron jobs) and
non-scalable. It may work well enough for a home environment, but
that's about it.
| The basic outline of the system consists of using Bash scripts, metamail,
| grep, the Obtuse Systems' smtpd product, Samba and a command-line virus
Shell scripts give you hideous performance. The old, shell-script version
of amavis (0.2.x) would drive the load on our mail server up to 40 and beyond
on mailing list mail.
metamail is an old, bug-ridden, and basically unmaintained piece of software.
It doesn't understand multipart/alternative, among others. The recommended
alternative is usually reformime from the maildrop package.
Obtuse's smtpd/smtpfwdd is an unmaintained, buggy piece of software. It
rewrites envelope information and sometimes makes the envelopes unusable,
| I wanted our system to be extremely easy to follow and easy to extend
| without a user having to know C or be a Perl guru.
requiring the admin to go in and hack some C.
A command-line virus scanner, while often the only available option, will
not let you scale the system. Every invocation of it, for every email sent
through the system, will reload and reinitialise it's virus database, which
can be a costly process.
| chown -R uucp.uucp /var/spool/smtpd
No clue about Unix security. One would definitely use a dedicated user,
not one that exists for totally different purposes.
More information about the ILUG