[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: antivirus to integrate with sendmail
- To: misc_(_at_)_openbsd_(_dot_)_org, paolo_(_at_)_optivera_(_dot_)_com
- Subject: Re: antivirus to integrate with sendmail
- From: Kevin Sindhu <kevin_(_at_)_tgivan_(_dot_)_com>
- Date: Fri, 20 Jul 2001 12:41:21 -0700
- Organization: TGI Technologies Inc.
- Reply-to: kevin_(_at_)_tgivan_(_dot_)_com
Lars Hecking wrote:
> > My mail server is a sparc 5 machine running OpenBSD 2.8 (soon 2.9).
> > I have a few users that insist on using outlook and outlook exress :(
> > Only because of the them, I have to find some sort of antivirus to put
> > on my mail server to integrate with sendmail. I scanned the archives
> > and saw that some people have setup antivirus filtering integrated to
> > the system. Unfortunately they either ran Intel Hardware or didn't
> > elaborate on their setup. Can anyone with a similar setup to mine give
> > me pointers to what my options are?
> There is probably no antivirus product for OpenBSD/SPARC. But you may
> check the web sites of av product vendors listed at http://amavis.org/.
Correct me if I am wrong, OpenBSD SPARC can run SunOS binaries in emul
mode. If this is possible, maybe he can give NAI's mcafee AV for SPARC
a shot and see if it works..
> As a workaround for your specific machine, you could replace sendmail
> with postfix and use the header/body_checks feature to block certain
> types of attachments. Both this won't help with macro viruses if you
> decide to allow .doc attachments (which is quite likely :)
Another viable alternative, exim's system.filter which automatically
blocks "vb[se]|ws[fh]|jse?|exe|com|cmd|shs|hta|bat|scr|pif" without
the need of an AV. Free/Fast and effective;-)
> Besides, a Sparc 5 doesn't really have the horsepower for that job.
> I'm using an Ultra 60/360 for mail, and I'd rather have a faster box.
That's depends on how many users you have. We run a E450 (Solaris
ofcourse)+1 GB of RAM running IMAP/SMTP/POP servers which scales upto
around 8,000 users connected at the same time.
> I'd suggest something like a 1Gig+ Intel or AMD based box with plenty
> of RAM (512+), FreeBSD or Linux (because there _are_ AV products for
> these platforms). On the software side, postfix+avpcheck+Kaspersky AVP
> is a pretty efficient setup, both wrt performance and cost.
Umm...Not only FreeBSD or Linux. Almost all AV's out there run great
under emul, and infact RAV and HB-Dev already have an OpenBSD port of
Also see: http://www.openantivirus.org/av-unix_e.txt
Kevin Sindhu <kevin at tgivan dot com>
TGI Technologies Inc. Tel: (604) 872-6676 Ext 321
107 E 3rd Avenue Fax: (604) 872-6601
Vancouver,BC V5T 1C7