From owner-freebsd-security Tue Mar 13 9:49:39 2001 Delivered-To: freebsd-security@freebsd.org Received: from paperbox.gvpl.victoria.bc.ca (paperbox.gvpl.victoria.bc.ca [199.60.107.1]) by hub.freebsd.org (Postfix) with ESMTP id 1E82A37B718 for ; Tue, 13 Mar 2001 09:49:32 -0800 (PST) (envelope-from scampbel@gvpl.ca) Received: (from daemon@localhost) by paperbox.gvpl.victoria.bc.ca (8.9.3/8.9.3) id JAA61989; Tue, 13 Mar 2001 09:48:52 -0800 (PST) (envelope-from scampbel@gvpl.ca) Received: from pochta.gvpl.victoria.bc.ca(199.60.106.7) by paperbox.gvpl.victoria.bc.ca via smap (V2.1/2.1+anti-relay+anti-spam) id xma061892; Tue, 13 Mar 01 09:48:31 -0800 Received: from localhost (scampbel@localhost) by pochta.gvpl.victoria.bc.ca (8.11.1/8.11.1) with ESMTP id f2DHmXe26929; Tue, 13 Mar 2001 09:48:33 -0800 (PST) (envelope-from scampbel@pochta.gvpl.victoria.bc.ca) Date: Tue, 13 Mar 2001 09:48:33 -0800 (PST) From: Scott Campbell To: James Wyatt Cc: Will Mitayai Keeso Rowe , Subject: Re: Virus Scanning Software for FreeBSD In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 12 Mar 2001, James Wyatt wrote: > I have an eval copy of a product that looks promising: Sohpos antivirus. > > http://www.sophos.com/products/antivirus/savunix.html > > You can use the SAVI (API for virus checking) to scan email according to > the description at: > > http://www.sophos.com/products/antivirus/savi/ > > Their licensing looks fair and the sales person assigned to me has been > politely helpful and not overly insistant. Everything I've looked at so > far looks great, but the customer that wanted it has had delays and now > wants to wait for FreeBSD 4.3-RELEASE to install things on their server. > > Updates are monthly CDs and urgent updates are available as downloads. > > Our intent is to have it go after SMTP, HTTP, and FTP if we can and to > scan the Samba partitions for file infections. It handles uSoft Office > products like Word(tm) docs and such. > > Best of all, they support FreeBSD so we should support them, right? - Jy@ > I can't say enough good things about the Sophos product. We originally got it in April '99 and have been successfully stopping viruses ever since. It is running on our mail server (currently FreeBSD v4.2R, was 3.0Snap until March 1) and is still available in aout and elf versions. They have also added archive scanning inside numerous archive types. At the time it was the only major company to have a FreeBSD version (NAI was reported to have one but I couldn't track it down). I wrote my own script, instead of using Amavis, to work with Sendmail to virus scan. Another thing that I've set up is an automatic ide (virus identity) download from Sophos. You can ask for automatic email notification when they have written a new ide for a new virus (or variant). When that email arrives the new ide file is fetched and put into the sweep (their virus checking program) directory and used next time it is run (I batch my email scanning). Service and support questions have always been answered quickly and professionally. We also use it on all our Win95/98/Me/NT machines - they update themselves from a central server that is upgraded manually each month when the CD arrives. Scott E. Campbell _______________________________ Computer Operations Greater Victoria Public Library Victoria BC CANADA (250)382-7241 x230 scampbel@gvpl.ca > On Mon, 12 Mar 2001, Will Mitayai Keeso Rowe wrote: > > Is anyone aware of any virus scanning solutions for freebsd, particularly > > solutions for email? I don;t trust my users not to follow proper email > > guidelines, and thus would like to stop email at the server before they get > > delivered the message. > > > > Regards, > > Mit > > > > -- > > Will Mitayai Keeso Rowe > > > > For full contact information, please visit: > > http://my.infotriever.com/mitayai > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message