Date: Sat, 22 Feb 2003 10:49:10 -0800 (PST) From: Tom Samplonius <tom@sdf.com> To: David Raistrick <drais@wow.atlasta.net> Cc: Paul Khavkine <paul@colba.net>, freebsd-isp@FreeBSD.ORG Subject: Re: Antivirus for Sendmail Message-ID: <Pine.BSF.4.05.10302221042500.24757-100000@misery.sdf.com> In-Reply-To: <Pine.BSF.4.21.0302211121280.77216-100000@wow.atlasta.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 21 Feb 2003, David Raistrick wrote: > > AVP > > I tried both freebsd and linux versions of AVP's scanners as of late 2001 > early 2002. I worked with their sendmail versions as well as their > qmail-queue replacement. I also used their kavscanner and attempted to > use kavdaemon. My overall impression was "very unstable" though at this > late date I don't have further specifics. It's very possible that they've > fixed some of the problems I encountered at the time. ... I've been using kavdaemon to scan 300,000 e-mails per day using Exiscan as the connection to the MTA. It is very stable. kavdaemon can scan into archives, and can scan MIME attachments without conversion, making it quite quick. Letting kavdaemon scan the raw messages also allows it detect common exploits, like the IFRAME exploit for IE. According to my stats, kavdaemon blocks more messages with an IFRAME exploit than anything else (I think spammers are using the IFRAME exploit to launch browsers to their web site). I don't use the Kaspersky sendmail integration software, I found it too expensive (per user licensing), while kavdeamon by itself just requires a server license. And here is a big one: no false positives. Most people aren't aware that we are using kavdaemon. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10302221042500.24757-100000>