ClamAV concerns
Hello,
we're using ClamAV on our mail server for scanning incomming mail server-side
on Etch. However, looking back at ClamAV's history (DSA-1320-1, DSA-1366-1,
DSA-1435-1, DSA-1479, DSA-1549) makes me feel a little bit uneasy. To be
honest, ClamAV had more remote exploitable holes than all of other public
reachable services together. Therefore imho it's difficult to say, whether
ClamAV protects our network or puts our server at risk.
What Do you think about this? Do you know reasons for ClamAV's unusual high
number of bugs? Would you abandon ClamAV for server side mail scanning in
favor of other scanners?
Thanks,
Keep smiling
yanosz
Reply to: