Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Oct 07, 2003 at 10:05:43PM +0200, Kjetil Kjernsmo wrote:
> Yeah, that's one option. I considered it, but the problem is, if you
> feed the learner with tons of similar viruses, how good will it be to
> kill spam...?
Bayesian filtering goes on what *you* consider spam, not the
traditional definition.
> Also, if you feed those to Vipul's Razor, what would it
> mean for Razor....?
Potentially, the virus infected messages get flagged as spam by razor,
which isn't neccisarilly a Bad Thing.
> I'm working on it right now, actually. I have just upgraded my mail
> server to Exim4. I think I would recommend that to everyone. If you ask
> for help on the Exim users list about Exim 3, people don't remember
> what it was like running Exim 3 anymore, so you're quite lost... :-)
Which is really strange, since it's the same MTA, just different
layout of the configs which makes it easier to take advantage of the
more advanced features.
> What I've done is to install exim4-daemon-heavy and clamav-daemon, then
> have a DATA ACL reject certain executables, then pass it to clamd if
> that didn't do the trick. They are rejected in the SMTP dialogue, if I
> got this right (somebody correct me if I'm wrong, ASAP :-) ), so the
> bounce doesn't hit an innocent bystander.
I wouldn't reject arbitrarily on filenames but the rest sounds good.
> Before I run along to the sa-exim mailing list, has anybody here got it
> working?
I've been curious on how to tie in virus scanning to sa-exim as well,
post it to this list if you figure it out.
- --
.''`. Paul Johnson <baloo@ursine.ca>
: :' :
`. `'` proud Debian admin and user
`- Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/g8m7UzgNqloQMwcRAsRkAJ9vVB0bDk0uHFvEHs5XCJu0IsXIrwCgqC3+
BNaxJmQRi1MmAmthGgoDHOo=
=PREa
-----END PGP SIGNATURE-----
Reply to: