Re: Does email server OS needs clamav?
On Wed, 02 Dec 2009 18:34:16 +0100, Jochen Schulz wrote:
>> >> In what way removing clamav you are closing a "potencial security
>> >> hole"? :-?
>> > http://www.google.com/search?q=clamav+exploit
>> Oh, sure.
>> But you can then change the query by:
>> And then we have to shutdown the mail service at all :-)
> The OP specifically asked whether removing ClamAV from the mail server
> would increase the security on the server. The answer is obviously yes.
Well, I do not (personally) know any case where a linux server was
"taken" by a ClamAV exploit.
But I do know many cases where client workstations are being used as
zombi machines to spread malware.
(Assuming here we are talking about windows machines, as it was stated
the end-users should be using some kind of antivirus at their end).
E-mail is the first entry gate for these threats and should be protected.
> IMO, the real question (which only the OP can answer) is:
> What's worse: the mail server being taken over by an attacker, or
> several workstations at once?
Dunno what could be "worse": a linux server running clamav or several
client machines infected in any way.