On Thu, 7 Aug 2008 10:06:09 -0400 (EDT) jef moskot <[EMAIL PROTECTED]> wrote:
[snip]
>Currently, we accept all infected mail, and quietly quarantine it. We
>don't refuse it at SMTP connect, although I might be able to be
>convinced that that's a better idea. Still, I'd like to maintain the
>current behavior, since that's what everyone is used to.
Depending on the quantity of emails your receive, you might very well
significantly reduce the load on your system by using one or perhaps a
few RBL's. There is no point, at least in opinion, of accepting mail
that is obviously SPAM.
>So, basically, all I need is a replacement for a perl script that
>throws a wad of text at clamscan and then either passes it on for
>normal delivery or stashes it away in a quarantine directory, with a
>note passed on to a local admin address in the latter case.
>
>Since amavis seems to have morphed into a monster with a million config
>options, links to SQL databases, and it's own separate milter that you
>need to run along with it(!), I was looking at clamav-milter, which
>looks simple and also comes with the benefit of a community I'm
>comfortable with.
>
>I can't find any decent documentation on it, however, (if I'm missing
>something obvious, please point me at it!) and it seems to jam mail at
>SMTP connection time rather than accepting and scanning later. I've
>found references to using it to quarantine messages, which would be
>perfect, but I haven't seen the docs to explain how to do that.
>
>Also I've found some explanations of how to compile clam to get the
>milter, but those were in connection with FreeBSD ports, and I don't
>like to have to wait until an update has been bundled before I can
>deploy it.
The FreeBSD ports for ClamAV are usually up-to-date. Rarely is there
more than a day or two lapse between the release of a new version and
the release of it into the FBSD ports system. Using the ports system
would also make updating your ClamAV installation far easier.
>Any advice would be welcome, including "STFU and RTFM", as long as you
>can point me to a decent manual. Thanks!
You did not mention your MTA. If it is Postfix, I think your might want
to investigate something like "clamsmtp" since the ClamAV Milter does
not work exactly like it does in Sendmail. It does work; however, a few
of the options are not compatible.
--
Gerard
[EMAIL PROTECTED]
Learning without thought is labor lost;
thought without learning is perilous.
Confucius
signature.asc
Description: PGP signature
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
