Re: Does email server OS needs clamav?
On Fri, 04 Dec 2009 02:12:53 +0700, Sthu Deus wrote:
> Thank You for Your time and answer, Camaleón:
>> No, but it help your users to decrease the amount of code with unsafe
>> data at a very low prize for your server performance or security ;-)
> My worries come from the fact that many email-related services are run
> w/ root privileges - therefore, if a security issue occurs - there is
> not problem to compromise whole OS. - Meaning an evildoer can create
> some special message that through the services processing will make a
> breach in the service and finally in the OS.
I think ClamAV should run as "clamav" user, not "root" and the same
remains for many other services that use their own user.
Anyway, you have to understand that you are exposing your server to any
potential attack just by enabling "any" remote service (mail server, web
server, ssh/sftp access, proxy, vpn...) so is up to you what kind of
services you want/need to provide to your users.
Of course, your linux server does not need an antivirus to protect
itself, but to prevent your users to be infected. And remember that by
centralizing the anti-malware checking in one point (your e-mail server)
you are saving not just resources, but time and money to your company.
Choose your poison ;-)