Re: Does email server OS needs clamav?
On Wed, 02 Dec 2009 18:34:16 +0100, Jochen Schulz wrote:
> Camaleón:
>> >> In what way removing clamav you are closing a "potencial security
>> >> hole"? :-?
>> >
>> > http://www.google.com/search?q=clamav+exploit
>>
>> Oh, sure.
>>
>> But you can then change the query by:
>>
>> http://www.google.com/search?q=postfix+exploit
>> http://www.google.com/search?q=sendmail+exploit
>> http://www.google.com/search?q=exim+exploit
>>
>> And then we have to shutdown the mail service at all :-)
>
> The OP specifically asked whether removing ClamAV from the mail server
> would increase the security on the server. The answer is obviously yes.
Well, I do not (personally) know any case where a linux server was
"taken" by a ClamAV exploit.
But I do know many cases where client workstations are being used as
zombi machines to spread malware.
(Assuming here we are talking about windows machines, as it was stated
the end-users should be using some kind of antivirus at their end).
E-mail is the first entry gate for these threats and should be protected.
> IMO, the real question (which only the OP can answer) is:
>
> What's worse: the mail server being taken over by an attacker, or
> several workstations at once?
Dunno what could be "worse": a linux server running clamav or several
client machines infected in any way.
Greetings,
--
Camaleón
Reply to: