Hi Luca, On 27.09.22 14:19, Luca Bertoncello via Exim-users wrote:
Hi list!Currently, at office, we use Kaspersky, Avast and ClamAV as Antivirus programs. All these programs will be used within Exim, to check all inbound and outbound E-Mails.Now, we know, Kaspersky/Russia/problem/etc... So, we must search an alternative to Kaspersky.Unfortunately, I didn't found anything that works good on Linux and have a good recognition rate.Now the question to you: can someone suggest me one (or more!) product to use in enteprise context to protect our E-Mails? Very important: the scan _must_ be done within Exim to allow us to reject infected E-Mails.I tried ESET, and it seems to work good, but unfortunately is not available anymore...
I have successfully integrated WithSecure (F-Secure for Bussiness) Scanner a few weeks ago. Integration was done using the cmdline interface. I have a small shell script that does some additional analysis/logging but basically, I just use
WITHSECURE_SOCKET = cmdline:\
/opt/f-secure/linuxsecurity/bin/fsanalyze %s:\
result=(infected|suspected):\
infection=([^ ]*)
There are still some few mails only recognized by KLMS. I think you can
always find a thread that is first recognized by one engine and only
later by others. Also I had to tune the WithSecure settings a bit about
archives.
Getting WithSecure installed on our servers was the harder part. Let me know, if you need help there.
Best, -- Patrick Cernko <pcer...@mpi-klsb.mpg.de> +49 681 9325 5815 Joint Scientific IT and Technical Service Max-Planck-Institute für Informatik & Softwaresysteme
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
