On Wed, 6 Sep 2006, Todd Lyons wrote: > On Wed, Sep 06, 2006 at 09:44:01PM +0200, [EMAIL PROTECTED] wrote: > > >I do think that there is too much of a danger of denial of service attacks > >or mail failure due to the milter crashing if you scan your mail during > >the SMTP phase. I have regularly seen ISPs that can't accept mail because > >of this problem. I would (at the risk of being repetitive, as I have > >argued this before) therefore like to point out the benefits of using a > >manager for clamav such as Amavis (which I have never used) or MailScanner > > Ok, so instead of: > sendmail -> clamav-milter -> clamd > You propose: > sendmail -> amavis-milter -> clamscan > > There's no advantage to amavis in this case, and it's actually worse if > it's using clamscan since it has to load the virus database everytime. > > I don't know how to configure amavis to *NOT* be run at SMTP phase.
Sorry for my mistake then. In that case go with MailScanner which does not get involved with the SMTP phase at all. > >(which I do use and highly recommend). This means that your MTA can > >cope much better with a large peak of incoming mail and then let the > >scanning manager take care of the virus scanning (as well as other actions > >such as dealing with spam, complying with user policies etc) off line. > > Sending bogus DSN's is not a good netizen. I am not sure I understand you. Are you referring to the dsn=2.0.0 when we accept mail we are not going to deliver? When I am dealing with an unwanted intruder in the middle of the night I don't exactly offer him the politenesses that I would a normal visitor. The rules change. Regards Jim Holland System Administrator MANGO - Zimbabwe's non-profit e-mail service Tel: (263-4)-334111/304471 _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
