Re: How to compare and choose anti-virus software ???
I am using Postfix, amavis-new, and ClamAv + F-Prot + H+BEDV AntiVir.
I was using OpenAntiVir (OAV) and DrWeb. OAV's signature database is
updated infrequently and is written in Java, putting a bigger load on
my system. ClamAv starts with OAV's signature database with
additional signatures added every week or two. It is written in C and
puts a smaller load on the system than OAV. If you have the memory of
the Java VM, the difference is not a lot. Plus it comes with an
executable to update the database. I have not gotten around to
updating F-Prot's database. H+BEDV AntiVir is free for non-commercial
use. You have to re-register every year to get a new license. They
claim the free product's database is updated every 2 months. It is
closer to once a week, almost as often as the premium product. DrWeb
was a 30 day evaluation license that has since expired.
Generally the commercial (F-Prot & AntiVir) scanners are more likely
to catch a virus, but all except DrWeb has caught one that nobody else
did. We use McAfee Virus Scan On-line on a Windows box that does not
receive its e-mail thru this setup. It missed an early Klez variant,
but caught it after the next database update a week later.
So what do I reccommend? Amavis-new - the newest package does not
stop when one scanner detects a virus, allowing you to compare
performance of several scanners. ClamAv - the price ($0) and system
load are hard to beat. H+BEDV AntiVir - if you meet its free criteria.
It also has a low system load, frequent updates, and an auto-update
program. This one I would be willing to pay for. I am still
undecided about F-Prot and DrWeb.
Caveat: I receive 300-500 msgs/weekday, half that on weekends, almost
all of it is from e-mail lists, most of whom scan too. I catch about 1
virus a month. None have gotten past the scanners on the Linux boxes.