Date: Thu, 02 Nov 2000 11:52:30 +0100 (CET) From: holger glaess <glaess@element5.de> To: freebsd-stable@freebsd.org Subject: RE: Mailscanning with FreeBSD (was: VIRUS WARNING) Message-ID: <XFMail.001102115230.glaess@element5.de> In-Reply-To: <20001102113045.A50839@isi.actis.de>
next in thread | previous in thread | raw e-mail | index | archive | help
hi folks
i use
qmail 1.03
qmailqueuescan (sourceforg.net/projects/qmail-scanner
sohos sweep (i think is the best , (is fast and a nativ prg for FreeBSD)
On 02-Nov-00 Thorsten Kuehnemann wrote:
> On Thu, Nov 02, 2000 at 10:19:35AM +0100, Pawel Latkowski wrote:
>> Hello guys,
>> I received many of warnings from You. I'm interested in what are U using to
>> check e-mails for virus. I'm using sendmail.
>
> Hello Paul,
>
> i installed a native FreeBSD Virusscanner from Network Associates
> www.nai.com :
>
> cd /usr/ports/security/vscan && make install
>
> This port depends on regularly updated "DAT-Files" with virus signatures.
> Because of the weekly updating of that files i had to install the port in
> /usr/src/security/uvscan-dat with NO_CHECKSUM=yes.
> The port has a shellscript to use for updating.
> I suggest you to create a nonprovileged user for this script
> because it extracts a tarfile downloaded from the net.
>
> Now you have a Program for checking files. The Tools in
> http://amavis.org can extract all attachments of a mail
> with the help of many tools found under /usr/ports/archivers and
> /usr/ports/converters/tnef into files and running "uvscan" on them.
>
> Its main Shellscript "scanmails" replaces the local Mailer found
> in Mlocal of your sendmail.cf. After checking the mail it calls the
> "real" local delivery program. The script is highly configurable.
>
> Amavis uses file(1) to get the type of a file and needs a parameter
> "-b" so i installed GNU-File under /usr/local/libexec/file for it.
> Amavis suggests installing "maildrop" to get a secure tool for
> extracting attachments into files. The FreeBSD-Port is very old so
> i installed it from http://www.flounder.net/~mrsam/maildrop/ .
>
>
> I doubt that this installation will increase the security of your
> site:
>
> - the users think that the MTA will refuse all insecure mails
> which is NOT true (think of new worms/viruses or other executables
> like moorhuhn.exe)
>
> - many programs are started at your mailserver to extract all
> attachments. All Programs have their own security holes like
> buffer overflows...
>
> But i know what it means for me to restore the complete contents
> of file- or webservers as a result of the behaviour of our users
> so i installed it.
>
> Thorsten
>
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.001102115230.glaess>