Hi there, On Wed, 1 Jun 2016, Eljai Mohammed wrote:
Within the framework of a project for a sensitive client, we would like to put in place clamAV in order to scan the users? uploaded files through a web interface.
I have difficulty in reconciling the concepts of a "sensitive client" and "users uploaded files through a Web interface". You could give more information, such as what operating system(s) you plan to use, and what other software.
To what extent is clamAV reliable?
MTBF measured in years on my systems, but see qualification below.
Do you recommend it in a production environment?
A qualified 'Yes'. The qualification being that I have only seriously used ClamAV as filter (Sendmail milter) for scanning mail, and I don't care very much about viruses. Even if ClamAV has scanned an attachment and failed to find anything malicious, if the attachment looks like an executable it is usually quarantined here by custom MIMEDefang rules, so the addressee sees only a message saying that an attachment has been removed from the mail as a precaution.
If yes, do you have references that use it in production?
I have used it in production for many years on several mail servers, and I would guess that many subscribers to this mailing list have also. There have been occasions when ClamAV updates have caused a few problems, but my cautious approach to updates (e.g. wait a few weeks) has generally protected my systems from that kind of thing.
Does it worth a paid anti-virus? (KasperSky or Symantec)?
I do not understand the question, and I have very little experience of the products which you mention. My experience with Symantec has been, I would say, patchy - but I have only used it on clients' workstations running Windows XP, Windows Vista and Windows 7. I often use "Jotti's Malware Scan" to test suspicious files which have been filtered by my mail filters, not just ClamAV, and I can assure you that NONE of the malware scanners (including those you mention) in the list on Jotti's site will give you 100% detection of malicious files. -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
