Date: Mon, 12 Mar 2001 23:35:38 -0500 (EST) From: Jim Durham <durham@w2xo.pgh.pa.us> To: James Wyatt <jwyatt@rwsystems.net> Cc: Will Mitayai Keeso Rowe <mit@mitayai.net>, freebsd-security@FreeBSD.ORG Subject: Re: Virus Scanning Software for FreeBSD Message-ID: <Pine.BSF.4.21.0103122322250.25997-100000@shazam.int> In-Reply-To: <Pine.BSF.4.10.10103122000480.72725-100000@bsdie.rwsystems.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 12 Mar 2001, James Wyatt wrote: > I have an eval copy of a product that looks promising: Sohpos antivirus. > > http://www.sophos.com/products/antivirus/savunix.html > > You can use the SAVI (API for virus checking) to scan email according to > the description at: > > http://www.sophos.com/products/antivirus/savi/ > > Their licensing looks fair and the sales person assigned to me has been > politely helpful and not overly insistant. Everything I've looked at so > far looks great, but the customer that wanted it has had delays and now > wants to wait for FreeBSD 4.3-RELEASE to install things on their server. > > Updates are monthly CDs and urgent updates are available as downloads. > > Our intent is to have it go after SMTP, HTTP, and FTP if we can and to > scan the Samba partitions for file infections. It handles uSoft Office > products like Word(tm) docs and such. > > Best of all, they support FreeBSD so we should support them, right? - Jy@ > > On Mon, 12 Mar 2001, Will Mitayai Keeso Rowe wrote: > > Is anyone aware of any virus scanning solutions for freebsd, particularly > > solutions for email? I don;t trust my users not to follow proper email > > guidelines, and thus would like to stop email at the server before they get > > delivered the message. > > I am using Sophos, and Amavis at our company. It is working very well. Sophos supports Windoze, Mac, Linux, FreeBSD, even VMS and OS2! You have Sendmail call Amavis for all incoming mail. Amavis unpacks and scans all attachments, even zipped and rar'ed and so forth, then delivers the mail to the user's mailbox if it's OK. Otherwise, it mails either the originator of the virus mail and/or the administrator and saves the virus mail for perusal. Works very well, but you need a little horsepower on the server. Our company sends around huge Autocad drawings and Excel spreadsheets and they all have to be "unattached" and scanned. I'm also using the Sophos Intercheck daemon. You put the Sophos CD in any workstation on your LAN, pick a directory on the server in which to install the Sophos setup stuff and Intercheck stuff. Then you install all the workstations (including the one you used to generate the server setup directory) from the server (running SAMBA of course!). Now, when a user logs into the M$ domain on Samba, any updates will be automatically downloaded to the workstation. I update several times daily from the Sophos site. When Sophos is first run on the workstation, it builds a file list. Any time the list is modified, it refers it to the intercheck daemon on the server for virus sweeping. Of course, any e-mail attachment that was unpacked would be scanned immediately, as it wouldn't be on the "safe" list. Works well.. Jim Durham To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0103122322250.25997-100000>