[Mimedefang] MD and ClamAV
Mișu Moldovan
dumol at gnome.ro
Thu Jul 22 05:06:36 EDT 2010
"Jon Rowlan" <jon.rowlan at sads.com> a scris:
> What would be the preferred and recommended way to use ClamAV with MD?
>
> They both need to use or have access to a .sock
>
> So should I run Clam as defang or change perms so that both Clam and
> MD can talk to the same directory or indeed move the location of the
> Clam AV .sock?
>
> I would really like to know others ideas of how to make these two hang
> together.
>
> I guess chmod 777 is not a good idea :-)
I have successfully used MIMEDefang with network sockets in such a
setup. Being a standard milter filter, MD supports them just fine, just
use something like this in the config: SOCKET=inet:12345 at 127.0.0.1. When
using ClamAV, make sure its local socket is accessible to the user whose
credentials you are using to run MIMEDefang.
As a side fact, I would not run ClamAV as root as it hangs from time to
time and I don't trust it that much. In fact, I have given up on using
an AV on the MX servers altogether, just ban the dangerous file
extensions like com, exe, pif, lnk etc. and you are good to go. The
only notable problem I have encountered since is PDF malware, so make
sure you either avoid Adobe Acrobat or use virus protection on Windoze
clients.
--
mișu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20100722/778f82cb/attachment.sig>
More information about the MIMEDefang
mailing list