Re: Antivirus (with exim+courier-imap+fetchmail)
On 16/04/04, Andy Firman (andy@firman.us) wrote:
> On Thu, Apr 15, 2004 at 03:56:06PM -0700, Paul Johnson wrote:
> > Thomas Halahan <tom@halahan.com> writes:
> > > My budget is small, maybe $100.
> > > My question is therefore, what sort of suggestions people have to apply
> > > antivirus scanning?
> If one has exim4-daemon-heavy and denies any MS executeables with
> this in the /etc/exim4/conf.d/acl/40_exim4-config_check_data:
> deny message = $found_extension files are not accepted here
> demime = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs:url:zip
>
> Isn't that good enough for small Windows networks and users that don't
> use zip files? (my users certainly don't need .exe files, .bat files,
> etc...)
Stopping all executables coming through is a great idea. The option
above in exim4-daemon-heavy is through its support for exiscan (the
demime option).
The exiscan patch also supports though a single-line of configuration
pluggin into the clamav anti-virus system.
av_scanner = clamd:/var/run/clamd.ctl
Check out duncanthrax.net for more info.
Package: exim4-daemon-heavy
Source: exim4
Version: 4.30-8
...
This package features the exiscan-acl patch
http://duncanthrax.net/exiscan-acl/ for integration of virus-scanners
and spamassassin.
--
Rory Campbell-Lange
<rory@campbell-lange.net>
<www.campbell-lange.net>
Reply to: