Postfix anti-antivirus (was Re: [linux-elitists] procmail recipe for mydoom?)

Jeff Waugh jdub@perkypants.org
Mon Feb 2 16:33:56 PST 2004


<quote who="Andrew">

> > Reject *means* bounce (when a real MTA is the client).
> 
> But if someone is sending me a virus and I reject the message they're
> sending, how am I adding to the problem?

If the client is an MTA, and you reject the mail, the MTA will send a
bounce. You can't guarantee that all virus mail is being sent by shitty SMTP
client code in worms. ;-) They usually fall back to upstream MTAs anyway.

> > It seems so; Clam has been quicker than some of the proprietaries in
> > recent times.
> 
> Yeah I caught that too when the last worm was making its rounds and Rav
> didn't have a signature for it until about 36 hours after CLAM claimed to
> have it.  I think I need to give this more thought.  :-)

postfix + amavis + clamav + spamassassin -> awesome team. ;-)

- Jeff

-- 
GVADEC 2004: Kristiansand, Norway                    http://2004.guadec.org/
 
       "That whole 'you complete me' thing is just tragic and totally
                 unrealistic. Go complete yourself." - Anon



More information about the linux-elitists mailing list