Why is AS14061 on your block list?

On Mon, Sep 14, 2020 at 2:58 PM G.W. Haywood via clamav-users <
clamav-users@lists.clamav.net> wrote:

> Hi there,
>
> On Mon, 14 Sep 2020, bobby via clamav-users wrote:
>
> > I plan to use it for email processing.  I am using postfix
> > currently. There are no other users besides myself, and it's only
> > one domain.
>
> What mail clients will there be?  Any Windows boxes?  To protect a
> Linux box against malware is relatively straightforward[*].  I use
> Linux more or less exclusively and I use ClamAV because I do a lot of
> spam processing, not because I feel the need for protection.
>
> For mail scanning you'd normally run two daemons, 'clamd' which is the
> actual scanner and a 'milter'.  The milter takes messages from the MTA
> and passes them to clamd for scanning, then advises the MTA of clamd's
> findings.  That might explain your confusion about services but I know
> little about the way CentOS does things.  ClamAV provides a milter,
> unsurprisingly called 'clamav-milter'.  It does a bit more than I've
> described here but that's its main job.
>
> Personally I prefer not to use the distro-specific versions of things
> like ClamAV, partly because the distro maintainers almost invariably
> mess with things to comply with "policies" and partly because they're
> often not quite as up to date as you'd like in something like a virus
> scanner.  ClamAV isn't so very difficult to install from source, and
> you'll learn a lot about it in the process.  OTOH on security grounds
> you might not want for there to be a compiler available on the box - I
> would certainly not want one on a firewall for example.
>
> > This may be a silly question to ask here... but is there any other
> > decent anti-virus software that does not take up as many resources?
>
> If you want open source, I don't think there's anything else.  There
> are commercial packages.  I don't know how they compare for resource
> usage as I have no experience of any of them.  See e.g.
>
> https://en.wikipedia.org/wiki/Comparison_of_antivirus_software#Linux
>
> A very few claim to be free, but you will still need a (proprietary)
> licence and probably have to accept some terms before you even get a
> copy of the package.
>
> > I am currently running my box in DO, and it looks like the next step
> > up for RAM is 4GB.
>
> DO == Digital Ocean?  AS14061 is in my block list. :)
>
> --
>
> 73,
> Ged.
>
> [*] Don't run any network-listening daemons that you don't have to,
> don't accept any connections you don't have to, and don't accept any
> connections from China and a bunch of other places with, er, history.
> Use common sense browsing habits - like using advertising and script
> blockers, not visiting porn sites etc.  Of course keep the security
> patches up to date, don't let things run as root if they don't have
> to, don't run anything you don't have good reason to trust, use good
> passwords and don't give them away.  Any number of places on the net
> can probably add a few items to that short list.  This approach is a
> lot less likely to fail because of a zero-day vulnerability which the
> virus scanners haven't yet caught up with.  Postfix itself will need
> to listen to the network so make sure if it is compromised by a zero-
> day vulnerability the user which runs Postfix can't do anything bad to
> the box (the same theory applies to clamd and any milters) without at
> least exploiting _another_ vulnerability to get elevated privileges.
> If you've done your homework well and kept on top of things there most
> probably won't be one.  Unluckily if you're using a provider to supply
> the machine itself it's most likely virtual, meaning a vulnerability
> in the VM could be used to exploit not only _your_ VM, but very likely
> thousands of others as well.  In that case, expect not to recover it.
> You'll want to know that you have backups you can rely on; to me that
> means it's in my office, not in some cloud in nobody-knows-where, and
> I made it last night.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
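The quoted message describes a milter handing each message to clamd and relaying clamd's finding to the MTA. The sketch below is an added example, not part of the thread and not clamav-milter's own code: it shows the clamd side of that hand-off using clamd's INSTREAM command. The socket path, the sample replies and the choice to tempfail on scanner errors are assumptions.

```python
import socket
import struct

CLAMD_SOCKET = "/run/clamav/clamd.ctl"  # assumed path; use LocalSocket from clamd.conf
CHUNK = 8192

def frame_instream(message: bytes, chunk: int = CHUNK) -> bytes:
    """Build the bytes a client sends to clamd for one INSTREAM scan."""
    out = [b"zINSTREAM\0"]  # 'z' prefix: command and reply are NUL-terminated
    for i in range(0, len(message), chunk):
        part = message[i:i + chunk]
        out.append(struct.pack("!I", len(part)) + part)  # 4-byte big-endian length
    out.append(struct.pack("!I", 0))  # zero-length chunk marks end of stream
    return b"".join(out)

def parse_reply(reply: bytes):
    """Turn clamd's reply line into (verdict, detail)."""
    text = reply.rstrip(b"\0\n").decode("utf-8", "replace")
    body = text.split(": ", 1)[1] if ": " in text else text
    if body == "OK":
        return ("clean", None)
    if body.endswith(" FOUND"):
        return ("infected", body[:-len(" FOUND")])
    return ("error", body)  # anything else is treated as a scanner error

# What the milter would advise the MTA to do. Deferring on errors is an
# assumption made here so that a broken scanner does not wave mail through.
MTA_ACTION = {"clean": "accept", "infected": "reject", "error": "tempfail"}

def scan(message: bytes, path: str = CLAMD_SOCKET) -> str:
    """Send one message to clamd and return the action for the MTA."""
    try:
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.settimeout(30)
            s.connect(path)
            s.sendall(frame_instream(message))
            reply = b""
            while not reply.endswith(b"\0"):
                data = s.recv(4096)
                if not data:
                    break
                reply += data
    except OSError:
        return MTA_ACTION["error"]  # clamd down or unreachable
    verdict, _detail = parse_reply(reply)
    return MTA_ACTION[verdict]
```

The scanning client only needs access to clamd's socket, so it can run as its own unprivileged user, separate from the MTA and from clamd.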