[Mimedefang] )What AV scanners do you use? (was Re: Any Sophie users out there?

David F. Skoll dfs at roaringpenguin.com
Thu Mar 20 15:04:07 EDT 2014

On Thu, 20 Mar 2014 14:49:32 -0400 (EDT)
Jason Englander <jason at englanders.us> wrote:

> Personally and professionally I've used ClamAV (via clamd) for a
> long time.  I actually used to be a "team member" pre-Cisco,
> pre-SourceFire.

Post-Cisco, ClamAV seems to have greatly declined in usefulness.
It catches hardly anything anymore... anyone else experiencing this?

In my experience, most of the commercial AV scanners for Linux are horrible.
They often use undocumented wire protocols making it difficult/impossible
to use them efficiently from MIMEDefang.  The "MIMEDefang-friendliest" one
I know of is F-PROTD version 6.

On our hosted anti-spam offering, we simply block outright *.EXE, *.SCR etc
whether directly attached or within zip files, RAR files, etc.  So far
no-one has complained.



More information about the MIMEDefang mailing list