From owner-freebsd-isp Fri Feb 21 11:35:56 2003 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1768637B401 for ; Fri, 21 Feb 2003 11:35:55 -0800 (PST) Received: from wow.atlasta.net (wow.atlasta.net [12.129.13.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8131343FBF for ; Fri, 21 Feb 2003 11:35:54 -0800 (PST) (envelope-from drais@wow.atlasta.net) Received: from wow.atlasta.net (localhost.atlasta.net [127.0.0.1]) by wow.atlasta.net (8.12.2/8.12.5) with ESMTP id h1LJZq5n018755; Fri, 21 Feb 2003 11:35:52 -0800 (PST) Received: from localhost (drais@localhost) by wow.atlasta.net (8.12.2/8.12.2/Submit) with ESMTP id h1LJZqVB018752; Fri, 21 Feb 2003 11:35:52 -0800 (PST) Date: Fri, 21 Feb 2003 11:35:52 -0800 (PST) From: David Raistrick To: Paul Khavkine Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Antivirus for Sendmail In-Reply-To: <3E567D29.9456A38E@colba.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I'm looking at following products: > F-PROT I use the linux f-prot binary daily. It's never given me a problem in my qmail-scanner setup. > AVP I tried both freebsd and linux versions of AVP's scanners as of late 2001 early 2002. I worked with their sendmail versions as well as their qmail-queue replacement. I also used their kavscanner and attempted to use kavdaemon. My overall impression was "very unstable" though at this late date I don't have further specifics. It's very possible that they've fixed some of the problems I encountered at the time. I've also worked with uvscan from mcaffe just a few months ago. (one of the developers here in the office worked with it much more then I..he was working with their sdk). When compared to fprot speed/utilisation was generally the same. Some specific situations (sorry, I don't have any notes on this) could cause extreme results (fprot can potentially take a /very/ long time to scan...) with both. fprot has always had new updates available quickly....I update every twelve hours. My current virus signatures is from feb19/15:34, macro signatures from feb17/6:54 fprot 3.12a > Ease of updating Initially they had no formal process, so I wrote a shell script to do it (a few versions ago..). Now they include a shell script to do the updates. I haven't used it since it's written for bash...I felt no need or desire to port it or install bash since my own script continued to do the job fine for me. I was happy with fprot when it was free...and I'm still happy with it now that it's not. ....david --- david raistrick drais@atlasta.net http://www.expita.com/nomime.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message