Milter and ClamAV
Richard Stevenson
richard at endace.com
Wed Jun 30 18:21:53 PDT 2004
On Wed, 30 Jun 2004, Eric Crist wrote:
> I've just installed ClamAV with Milter support. I was wondering how I
> would go about adding a signature at the bottom of outgoing mail to
> indicate that it has been scanned?
I wouldn't bother, for two reasons:
1. Clamav-milter adds a couple of X- headers to the message, saying it
was scanned. This is what was in your message:
X-Virus-Scanned: clamd / ClamAV version 0.72, clamav-milter version 0.72
on grog.secure-computing.net
X-Virus-Status: Clean
2. I'm not aware of any general way to add a note to the bottom of any
message, unless you ban all multipart messages and/or attachments from
passing through your system. Your users/customers might complain
about that ;)
Personally, I think the idea of such a signature is just a "feel-good"
thing and doesn't actually add anything other than a false sense of
security. Depending on how often you update your virus DB files, and
which virus it is, a message containing a virus may get through the
scanning without detection. For example, I've got a copy of
W32.Spybot.Worm sitting on my disk that clamav doesn't pick up, even
though I submitted it to them when I first received a copy of it, several
weeks ago. Norton/Symantec, Trend, and F-Prot all detect the virus and
try to delete/quarantine the file.
If you really want to go ahead and do this, read the clamav-milter manpage
and look for --signature-file. Personally, I see no value in it.
Regards
Richard
--
Richard Stevenson
More information about the freebsd-questions
mailing list