[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to compare and choose anti-virus software ???



I am using Postfix, amavis-new, and ClamAv + F-Prot + H+BEDV AntiVir.
I was using OpenAntiVir (OAV) and DrWeb.  OAV's signature database is
updated infrequently and is written in Java, putting a bigger load on
my system.  ClamAv starts with OAV's signature database with
additional signatures added every week or two.  It is written in C and
puts a smaller load on the system than OAV.  If you have the memory of
the Java VM, the difference is not a lot.  Plus it comes with an
executable to update the database.  I have not gotten around to
updating F-Prot's database.  H+BEDV AntiVir is free for non-commercial
use.  You have to re-register every year to get a new license.  They
claim the free product's database is updated every 2 months.  It is
closer to once a week, almost as often as the premium product.  DrWeb
was a 30 day evaluation license that has since expired.

Generally the commercial (F-Prot & AntiVir) scanners are more likely
to catch a virus, but all except DrWeb has caught one that nobody else
did.  We use McAfee Virus Scan On-line on a Windows box that does not
receive its e-mail thru this setup.  It missed an early Klez variant,
but caught it after the next database update a week later.

So what do I reccommend?  Amavis-new - the newest package does not
stop when one scanner detects a virus, allowing you to compare
performance of several scanners.  ClamAv - the price ($0) and system
load are hard to beat.  H+BEDV AntiVir - if you meet its free criteria.
It also has a low system load, frequent updates, and an auto-update
program.  This one I would be willing to pay for.  I am still
undecided about F-Prot and DrWeb.

Caveat: I receive 300-500 msgs/weekday, half that on weekends, almost
all of it is from e-mail lists, most of whom scan too.  I catch about 1
virus a month.  None have gotten past the scanners on the Linux boxes.

YMMV,
  Jeffrey



Reply to: