[Mimedefang] Virus Scanners
Adam Beatham
adam at backboard.org
Wed Jul 10 13:39:00 EDT 2002
At 12:09 PM 7/10/2002 -0400, you wrote:
>Hopefully so, sweep vs. libsavi+sophie should have the same results -
>but arrive at them sooner ;-) If sweep has the same trouble I guess
>it wouldn't help, but Have you tried sophie 1.40rc1?
I haven't yet.. but I am going to try it!
> > at this time, I don't have the luxury of the multiple boxes :)
>
>Understood. The only one virus scanner I've ever run by itself was
>McAfee/NAI's. Too much mail for it to handle though (and every NAI
>employee I've ever talked to about licensing should be shot). So, I
>always set up at least two scanners. Perhaps I'd have the same results
>as you if I only used sophie (are/were you only using sophie?). Why
>don't you set up something else like File::Scan to scan things after
>Sophie to see if anything gets caught there. I mean before the Notes
>machine ruins any hope of having useful information like what you'd get
>out of quarantine_entire_message. If sweep/sophie really did just
>plain miss it, then by all means - send it to the sophos people.
>
>File::Scan by the way has _very_ little overhead. The virus signatures
>are in the Perl module itself, so it doesn't have to run/read anything
>external at all. ...well, just the files that it scans.
So I have a couple of dumb questions. What would be the best way to
implement dual scanners within the same filter?
And just how does File::SCan work.. I actually use it on another system,
just for minimal protection at this point. but how does one update the
signatures and what not?
thanks!
-adam, the guy behind the guy behind the guy
More information about the MIMEDefang
mailing list