On 1/3/2012 11:09 AM, /dev/rob0 wrote: > On Tuesday 03 January 2012 09:26:57 Frank Bonnet wrote: >> I'm searching for a friend (who has very few money) an open source >> antivirus scanner for email server that works with Postfix. >> >> Any infos/links/advices welcome > > One link, Google, would have easily found clamav. > > Info/advice: with postscreen(8), sane HELO restrictions, and good > DNSBLs, clamav is not going to get much use. > > http://www.postfix.org/POSTSCREEN_README.html <-- Postfix 2.8 req'd > http://readlist.com/lists/postfix.org/postfix-users/28/140973.html > http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt > http://www.spamhaus.org/zen/ <-- worth the cost if not gratis for you > http://www.spamhaus.org/whitepapers/effective_filtering.html > http://barracudacentral.org/rbl <-- gratis but registration req'd > http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list > http://spammers.dontlike.us/ <-- anti-spam discussion list > > Spam fighting is a huge field, and content filtering such as clamav > certainly is not the best place to start. After the above, content > filtering with Amavisd-new ( http://www.amavis.org/ ) is the next > step. Continue on to clamav if you think it will be worth your time; > my guess is that it would not be.
To add to this sentiment, haven't most/all the viri/malware pushers switched from an email delivery vector to drive-by downloads? I can't recall the last time I saw a viral email attachment. I see and hear of drive-by attempts quite frequently. I see and hear of hyperlinks to malware inside spam. ClamAV won't help here. But the methods mentioned above will. -- Stan
