Hi folks, Sorry for the top-post and new thread, but I just subscribed cuz I saw this thread in the wild. Note that there is a SquirrelMail plugin that does scan for viruses, but it does so at login, and I think it scans everything in the INBOX (not sure about subfolders).... horribly bad idea as you can imagine -- easy way to cripple a busy server. Additionally, I think the signatures are set to periodically refresh from the plugin author's own server, which he has stopped updating regularly.
http://squirrelmail.org/plugin_view.php?id=202 So the point I want to make is that this has been done before, but the idea needs a lot of refinement. If the idea is to allow a user to click on a "scan" button in the interface, or somehow define a criteria for which messages to scan, and to allow scanning to happen at a user-defined/initiated time, that probably wouldn't be very hard to do in the form of a SquirrelMail plugin. If anyone wants to write one (or better yet, contact Jimmy, the author of the one referenced above and work with him to build these other types of scanning into that plugin), come 'round the squirrelmail-plugins mailing list and we'll be happy to help. Although I too would advocate for scanning at the time of receipt and leaving this out of the client, there are perhaps lots of people who want something a little different, thus we'd love to see a SquirrelMail plugin for this kind of thing that is more fully functional and that isn't a web server killer. Cheers, Paul > 1. Stephen Gran, you mention a 'php library with clamav bindings' how does > that help me? is that something i should be looking into in relation to a > squirriel mail plugin? > > 2. James Kosin, you've said 'be sure to get clamdscan to scan for viruses > or > get a script to scan when checking email. There are plenty of choices out > there.' Can you point me in the direction of a few of those scripts? > > 3. Joe Polk, you said 'OpenWebMail has a hook into clamav and it looks > better than Squirrelmail'. I know this thats where i got the idaea, but i'm > using Squirriel Mail on my server at the moment with a lot of squirriel > mail > plugins, so i would like to stay with it. But both are webmail clients, i > would imagen if one could do it so could the other ... > > 4. Dennis Peterson, your've said 'One difference is the T-bird client uses > client cpu clicks whereas squirrel mail uses server clicks. Unless you can > come up with a browser based scanner. 10,000 users all clicking and > scanning > at the same time seems like a potential problem for the average server'. > thats very true, i never thought of that, although if Freddie Cash is > saying, 'it could be mitigated using clamdscan in a SM plugin instead of > clamscan. While it would still be using server CPU resources, it shouldn't > be nearly as bad' that would be better and as Joe Polk has said before > there > is a plugin for openwebmail then i can't see why there would be one for > squirriel mail? > > i guess i'm still looking for an answer? so far i can tell that it is > possiable (openwebmail uses one) but it just hasn't been made yet ... or no > one knows of one? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Freddie Cash > Sent: Tuesday, 10 January 2006 7:17 > To: ClamAV users ML > Subject: Re: [Clamav-users] Squirriel Mail clamav scanner > > > On January 9, 2006 11:46 am, Dennis Peterson wrote: > > > On January 9, 2006 11:06 am, Jeremy Kitchen wrote: > > > > just reject viruses at the front door, and you'll be fine. > > > > 'client-side' scanning (squirrelmail IS a client, even though it's > > > > run on a server) is not a 'feature'. Don't think you should do it > > > > that way just because thunderbird does it. The only reason > > > > thunderbird or kmail have client-side virus scanning support is > > > > because some providers don't do their own scanning. > > > > Re-read your last sentence, then compare how Thunderbird accesses > > > messages from a POP server compared to how SquirrelMail accesses > > > messages from a POP server using the built-in Mail Fetch plugin (that > > > completely by-passes any and all mail servers at the site using > > > SquirrelMail). There is no functional difference, so why should one > > > client be allowed to scan messages while another isn't? > > > > While it's not the most optimal setup, having the option to scan > > > messages in the mail client should not be frowned upon. If your mail > > > provider does not scan your incoming messages, then the mail client > > > is a good place to scan messages. After-all, it's the only place > > > *you*, the recipient, fully control access to the e-mail message. > > > One difference is the T-bird client uses client cpu clicks whereas > > squirrel mail uses server clicks. Unless you can come up with a browser > > based scanner. 10,000 users all clicking and scanning at the same time > > seems like a potential problem for the average server. Personally I > > don't think there's such a thing as being too late to scan for viruses, > > but I do think if it's going to happen on my servers it's also going to > > be my processes with customer policy input that does it. > > Now that's a genuine concern, but it could be mitigated using clamdscan in > a SM plugin instead of clamscan. While it would still be using server > CPU resources, it shouldn't be nearly as bad. Not sure how clamd would > handle a couple hundred simultaneous requests to scan files, though. > > Perhaps a better mechanism would be to hook a virus scan into any > download / view actions for attachments, similar to the way > Yahoo!/Hotmail do things. That way, it wouldn't scan every message as it > came in, but would only scan messages with attachments, when those > attachments are accessed. > > But that's getting into the realm of the SM developers, and not so much > the clamav devs. :) > -- _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
