Anti-virus for FreeBSD
Olivier.Nicole at cs.ait.ac.th
Wed Mar 23 11:46:18 UTC 2016
> I terms of mail you are not limited to unix bases solutions. Exim for
> example as the ability to pass the mail to a host:port for scanning. That
> means you are not limited via os and therefore av vendor.
And Amavis can do that too. But I would prefer to avoid that because:
- it's one more system to manage, update, etc. Even more, a different
- sending the mail body through the net is less efficient than sending
it through a Unix socket (if the AV is on the same machine).
> On 23 March 2016 at 06:01, Wayne Sierke <ws at au.dyndns.ws> wrote:
>> On Tue, 2016-03-22 at 09:07 +0000, krad wrote:
>> > Other than that clamav
>> > is good enough.
>> I'm curious as to whether that's an objective or subjective view?
>> I've got clam-av set up on a couple of mail boxes scanning incoming
>> messages and find a worrying amount of viral content still gets
>> through. Even after submitting false-negative reports, manual tests
>> conducted (days!) later have failed to detect them.
>> To be fair, some of that also fails to be detected initially by
>> commercial AV scanners on MS Windows. However in one instance, for
>> example, one AV provider had an update deployed and distributed less
>> than two hours after they were notified.
>> I've submitted suspect attachments to the Virus-Total web site to find
>> that it was already submitted previously, sometimes long ago, and clam-
>> av is listed with a negative detection result.
> [2:text/html Show]
More information about the freebsd-questions