[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Does email server OS needs clamav?



On Fri, 04 Dec 2009 02:12:53 +0700, Sthu Deus wrote:

> Thank You for Your time and answer, Camaleón:
> 
>> No, but it help your users to decrease the amount of code with unsafe
>> data at a very low prize for your server performance or security ;-)
> 
> My worries come from the fact that many email-related services are run
> w/ root privileges - therefore, if a security issue occurs - there is
> not problem to compromise whole OS. - Meaning an evildoer can create
> some special message that through the services processing will make a
> breach in the service and finally in the OS.

I think ClamAV should run as "clamav" user, not "root" and the same 
remains for many other services that use their own user.

Anyway, you have to understand that you are exposing your server to any 
potential attack just by enabling "any" remote service (mail server, web 
server, ssh/sftp access, proxy, vpn...) so is up to you what kind of 
services you want/need to provide to your users.

Of course, your linux server does not need an antivirus to protect 
itself, but to prevent your users to be infected. And remember that by 
centralizing the anti-malware checking in one point (your e-mail server) 
you are saving not just resources, but time and money to your company.

Choose your poison ;-)

Greetings,

-- 
Camaleón


Reply to: