[Mimedefang] )What AV scanners do you use? (was Re: Any Sophie users out there?
wbrown at e1b.org
wbrown at e1b.org
Thu Mar 20 15:46:49 EDT 2014
DFS wrote on 03/20/2014 03:04:07 PM:
> Post-Cisco, ClamAV seems to have greatly declined in usefulness.
> It catches hardly anything anymore... anyone else experiencing this?
>
> In my experience, most of the commercial AV scanners for Linux are
horrible.
> They often use undocumented wire protocols making it
difficult/impossible
> to use them efficiently from MIMEDefang. The "MIMEDefang-friendliest"
one
> I know of is F-PROTD version 6.
>
> On our hosted anti-spam offering, we simply block outright *.EXE, *.SCR
etc
> whether directly attached or within zip files, RAR files, etc. So far
> no-one has complained.
We haven't seen an increase in virii detected by McAfee or Symantec on
servers downstream from our CanIt system. Maybe that's because blocking
the unsafe extensions kills them before we even call ClamAV.
Or are there fewer infections being sent by mail, rather focusing more on
phishing emails?
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
More information about the MIMEDefang
mailing list