[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Does email server OS needs clamav?

On Wed, 02 Dec 2009 17:51:18 +0100, Jochen Schulz wrote:

> Camaleón:
>> On Wed, 02 Dec 2009 22:38:43 +0700, Sthu Deus wrote:
>> 
>>> PS I want to remove it because I suppose that in case clamav blesses
>>> users' life and not server's - by removing clamav I can close one
>>> potential security whole.
>> 
>> In what way removing clamav you are closing a "potencial security
>> hole"? :-?
> 
> http://www.google.com/search?q=clamav+exploit

Oh, sure.

But you can then change the query by:

http://www.google.com/search?q=postfix+exploit
http://www.google.com/search?q=sendmail+exploit
http://www.google.com/search?q=exim+exploit

And then we have to shutdown the mail service at all :-)

>> Clamav is just another service, just keep it updated for security fixes
>> and you are done.
> 
> Installing patches doesn't change the fact that another service
> increases the amount of code dealing with unsafe data (like e-mails).

No, but it help your users to decrease the amount of code with unsafe 
data at a very low prize for your server performance or security ;-)

Greetings,

-- 
Camaleón
Reply to: