Firewall Wizards mailing list archives
Re: Antivirus on a free UN*X (Linux/*BSD) platform
From: Joseph S D Yao <jsdy () center osis gov>
Date: Mon, 6 Jan 2003 13:56:22 -0500
On Mon, Jan 06, 2003 at 06:28:18PM +0100, Meco wrote:
I would like to put an antivirus to filter all the mail traffic (smtp, pop3, imap) in a trasparent way (without telling the user to connect to a different mail server). Something like squid in trasparent mode, with antivirus checking, but for mail traffic. I did it with commercial firewall (Checkpoint, Cisco). Do you think it is possible on Linux/*BSD (iptables/ipfilter/pf + antivirus + something else)? Can you give me some pointers?
There are several ways to do it for SMTP; search on freshmeat.net for mail antivirus server. We are happy with AMaViS - A Mail Virus Scanner, www.amavis.org. AMaViS unwraps the mail message; you still need to get some kind of software virus detection software. We are using McAfee VirusScan for Linux, just because we already had a license. You do need to automatically go out and look for new virus definitions several times a day, and make sure that you continue to use current software. It should be fairly easy to configure any reasonable mail transfer agent (that means Sendmail or Postfix) to send any incoming e-mail messages that are NOT coming from the virus scanning machine to the virus scanning machine. Or just run the virus scanner on the same server, for a sufficiently powerful server [ours doesn't seem to be heavily taxed by the antivirus load]. I do label scanned messages, so it isn't completely transparent. ;-) I don't know of any way to scan outgoing POP3 or IMAP4 messages. But if you scan messages when they arrived via SMTP, one may hope that they don't appear via some other connection (UUCP? Sneakernet?). -- Joe Yao jsdy () center osis gov - Joseph S. D. Yao OSIS Center Systems Support EMT-B ----------------------------------------------------------------------- This message is not an official statement of OSIS Center policies. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Antivirus on a free UN*X (Linux/*BSD) platform, (continued)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Patrick M. Hausen (Jan 08)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Stephane Nasdrovisky (Jan 08)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Shimon Silberschlag (Jan 08)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Stephane Nasdrovisky (Jan 08)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Devdas Bhagat (Jan 08)
- RE: Antivirus on a free UN*X (Linux/*BSD) platform Bojan Zdrnja (Jan 09)
- RE: Antivirus on a free UN*X (Linux/*BSD) platform Bojan Zdrnja (Jan 08)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Kevin Steves (Jan 10)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform ark (Jan 08)
- Re: Antivirus on a free UN*X (Linux/*BSD) platform Luca Berra (Jan 08)