Cormack, Ken wrote:
-----Original Message----- Dave Goodrich wrote:
We use MailScanner because it offers additional tools, delivery options, routing, and filtering above clamav. We also do not have issues with the clam daemon that some have had. Julian is exceedingly responsive to his community, the level of support and help on the MailScanner is second to nothing I have seen in Open Source Software.
::snip::
Clamav is great, MailScanner just makes it even better.
MailScanner has a design flaw that can not be overlooked.
By not being a Milter, it does not operate during the SMTP conversation,
meaning you can not "reject" during the conversation.
I run milter-ahead to check the recipient with my pop toaster. I wouldn't even think of bouncing, rejecting, mailing back to any sender because a content check failed. Whether it is because clamav found a virus or MailScanner found a disallowed filename. Since milter-ahead has confirmed that I have a valid recipient, I send any dangerous content either to the quarantine and notify the recipent, or I attach the file and send it on to the recipient.
There are situations where being a post smtp processor would be totally acceptable, such as another mail gateway has already accepted the message and routed to MailScanner based on recipient, or other rules. I don't believe it is a design flaw, just something MailScanner leaves up to the sysadmin to decide how best to handle, for his situation.
I never intended to infer it was the "Best" or "Only" solution. The author asked what the benefits of using a third party software were and I answered his question as "we use", not "you should use".
DAve
Because MailScanner is a post-conversation processor, you have to either generate a separate bounce message to return to the sending server which will undoubtedly just sit in your outbound mail queue due to forged or invalid sender addresses... Or you silently discard a message after fully rec eiving it (which does not tell the sending server that the message was unwanted. In addition, you have no option but to fully receive the message (and expend the bandwidth, disk space, and other resources required to receive it), before deciding you don't want it.
Better to use a Milter, because a Milter can reject during much earlier parts of the SMTP dialogue, such as at the EHLO/HELO, the MAIL FROM, the RECPT TO, and so on... Before you commit to receiving the body, for example.
MailScanner is nice, as it is highly customizable. But if you want that flexibility PLUS the advantages of a true Milter, you should look at MIMEDefang.
And MIMEDefang can work in conjunction with the Clam milter, with Clamd, or with clamscan (or any combination of those 3), in addition to other scanning/filtering options "out of the box".
-- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
