[Mimedefang] Cleaning up antivirus integration

Kevin A. McGrail kmcgrail at pccc.com
Thu May 3 07:18:04 EDT 2007


> This would allow us to upgrade to new versons of MIMEDefang without
> changes to our filters just to pass syntax checks.

I don't know about this.  Change is a pain but MD, like most programs, 
always has some growth vs. existing architecture issues. I'd rather not have 
a programmer hampered for something this major by having to keep the 
existing API calls just for that sake.  It might be annoying but this is not 
a program designed for the masses.  It's designed for technical 
administrators.

Anyway, to answer the original question from Dave O'Neill:

I use McAfee's uvscan and clamd.  I just renewed McAfee for 2 more years and 
clamd doesn't look like it's going anywhere soon.

I hate having to patch the MD source code to change the command line params 
to uvscan so for me, having control of the command line would be key with 
sane defaults.

As a programmer, I would also recommend that you are able to pass in 
errorcode levels and specify what they mean.

Finally, I'm seeing a huge push to make a/v products into anti-malware that 
attempts to detect phishing, virii, malware, libertarians and giant lizards. 
If the architecture could be aware of this and changed to something that 
understands this, I think it would be more future proof.

For example, I might start calling this the antimalware integration though 
someone can likely argue an even better term.  After that, I'd like to see 
it able to make it's best guess at returning a status that indicates whether 
it find a virus, a phish, some malware, a republican, etc.

Hope this helps!

Regards,
KAM 




More information about the MIMEDefang mailing list