From owner-freebsd-chat@FreeBSD.ORG Thu Jun 12 12:35:46 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28C8C37B401 for ; Thu, 12 Jun 2003 12:35:44 -0700 (PDT) Received: from pa-plum1b-166.pit.adelphia.net (pa-plum1b-217.pit.adelphia.net [24.53.161.217]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BC6A43FA3 for ; Thu, 12 Jun 2003 12:35:41 -0700 (PDT) (envelope-from wmoran@potentialtech.com) Received: from potentialtech.com (working [172.16.0.95]) h5CJZdOg002312; Thu, 12 Jun 2003 15:35:40 -0400 (EDT) (envelope-from wmoran@potentialtech.com) Message-ID: <3EE8D60B.4060907@potentialtech.com> Date: Thu, 12 Jun 2003 15:35:39 -0400 From: Bill Moran User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3) Gecko/20030429 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Gianmarco Giovannelli References: <5.2.1.1.2.20030612202321.02e28008@194.184.65.4> <5.2.1.1.2.20030612202321.02e28008@194.184.65.4> <5.2.1.1.2.20030612211700.02ecd2a8@194.184.65.7> In-Reply-To: <5.2.1.1.2.20030612211700.02ecd2a8@194.184.65.7> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: chat@freebsd.org Subject: Re: Antivirus for (mailservers on) FreeBSD X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jun 2003 19:35:46 -0000 Gianmarco Giovannelli wrote: > At 12/06/2003, Bill Moran wrote: > >> Gianmarco Giovannelli wrote: >> >>> I was a very happy RAV antivirus (by Gecad) user, a former free >>> company that produced a very good, IMHO, antivirus. >>> Http://www.ravantivirus.com >>> Now RAV was acquired by Microsoft and they'll discontinue all the >>> non Windows products. >>> This is the email they are sending to the customer asking informations. >>> >> >> On the flip side, we replaced Kaspersky with Sophos and it has been >> working wonderfully. Sophos likes to brag about being the fastest to >> respond to new threats and my experience with them validates that claim. >> It's also fast and reliable. > > I have used sophos a lot before RAV, but I didn't like to much the > following points: > 1) the scanner has to be used with amavis, which was obviusly so far > slow than the dedicated RAV engine. I think they have a dedicated smtp > version, but I don't know if they support FreeBSD natively. Can't argue with you here. They have a dedicated SMTP version but it's very limited and acts as an open relay, thus can't be used in most configurations. The system I'm using this on is loaded lightly enough that Amavis doesn't cause us any problems. Even then, Amavis is much less load than running something like Spamassassin. > 2) the upgrades are good for the single "ide" idea, but are a little > pain when you have to change the entire database (monthly based) because > you have to rely on manual procedure (sh scripts) to update it. But it > was a lot of times ago, perhaps now things are changed. This can be worked around. We have automated scripts for nightly update and simply do the monthly manually (only takes about 15 minutes or so) but I can easily imagine that the monthly update could be scripted as well (although we haven't bothered). > Can you explain how you use it ? Do you use amavis to do the wrapper ? Yes. -- Bill Moran Potential Technologies http://www.potentialtech.com