Date: Fri, 26 Jan 2007 22:54:49 -0600
From: Paul Schmehl <pauls@utdallas.edu>
To: Martin McCormick <martin@dc.cis.okstate.edu>, freebsd-questions@freebsd.org
Subject: Re: Spam and Viruses, Vandalism-l, the Mailing List from Hell.
Message-ID: <0AC53886E567E9E3AED7E9EE@paul-schmehls-powerbook59.local>
In-Reply-To: <200701270416.l0R4GvhX006107@dc.cis.okstate.edu>
References: <200701270416.l0R4GvhX006107@dc.cis.okstate.edu>

--On January 26, 2007 10:16:57 PM -0600 Martin McCormick <martin@dc.cis.okstate.edu> wrote:

> Has anyone gotten the port
> /usr/ports/mail/antivirus-milter to work?
>
> The system in question runs FreeBSD5.4 with sendmail and
> bogofilter. Bogofilter is excellent at helping sort messages in
> to spam or other folders if you generate a large wordlist.
>
> One category of junkmail, however, is not true spam. It
> is more a form of hacking in that it tries to implant viruses
> like Johny Appleseed only this guy is Johny weedseed.
>
> I got antivirus-milter to make and install but it
> immediately failed when started:
>
> antivirus[53446]: externalcommand()
> failed to execve() /system/av/decullotage/uvscan
>

Uvscan is McAfee's antivirus product. Did you install it? There's a conf file in the files directory of that port. It defines AVSCANNER as "/usr/local/bin/uvscan". That would require that you have McAfee Antivirus for FreeBSD installed. If this machine handles lots of mail, I wouldn't suggest you use that. Uvscan launches a shell for each time it's called, and it will suck a lot of cpu and memory (based on our extensive comparison testing.)

I would recommend that you install either clamav (security/clamav) or your school's commercial product *if* it has a daemon for FreeBSD. If it's a shell program like McAfee, I would *not* recommend it.

Once you have the av product installed, edit the conf file appropriately and you should be up and running. You'll find the conf file in /usr/local/etc.

Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/