[Mimedefang] Virus Scanners
Jason Englander
jason at englanders.cc
Wed Jul 10 12:10:01 EDT 2002
On Wed, 10 Jul 2002, Adam Beatham wrote:
> Yeah I grab the IDE's every night, my info matches that which you
> posted. I was running sophie, and just switched to regular sophos/sweep
> this morning, but it appears to be having the same behavior. Unfortunately,
Hopefully so, sweep vs. libsavi+sophie should have the same results -
but arrive at them sooner ;-) If sweep has the same trouble I guess
it wouldn't help, but Have you tried sophie 1.40rc1?
> at this time, I don't have the luxury of the multiple boxes :)
Understood. The only one virus scanner I've ever run by itself was
McAfee/NAI's. Too much mail for it to handle though (and every NAI
employee I've ever talked to about licensing should be shot). So, I
always set up at least two scanners. Perhaps I'd have the same results
as you if I only used sophie (are/were you only using sophie?). Why
don't you set up something else like File::Scan to scan things after
Sophie to see if anything gets caught there. I mean before the Notes
machine ruins any hope of having useful information like what you'd get
out of quarantine_entire_message. If sweep/sophie really did just
plain miss it, then by all means - send it to the sophos people.
File::Scan by the way has _very_ little overhead. The virus signatures
are in the Perl module itself, so it doesn't have to run/read anything
external at all. ...well, just the files that it scans.
Jason
--
Jason Englander
jason at englanders.cc
More information about the MIMEDefang
mailing list