SLUG Mailing List Archives
Re: [SLUG] sendmail virus filtering
- To: Jeff Waugh <jdub@xxxxxxxxxxx>
- Subject: Re: [SLUG] sendmail virus filtering
- From: Grant Parnell <gripz@xxxxxxxxxxxxxx>
- Date: Mon Nov 26 16:41:21 2001
- Cc: <slug@xxxxxxxxxxx>
On Sun, 11 Nov 2001, Jeff Waugh wrote:
> <quote who="Dennis M. Gray">
> > Can anyone recommend some virus filtering software that could be invoked
> > when processed by sendmail or at least post-processed when aliasing?
> Amavis, on both counts. It's very cool, and blows apart all the compressed
> and Microsoft-butchered mail so it can scan the Very Insides. :)
> Teamed up with NOD32 or AVP (both proprietary, and 'Eastern Bloc'), it makes
> for a very good Windows Weenie Protection Mechanism.
> Amavis: http://www.amavis.org/
> NOD32: http://www.nod32.com.au/
> - Jeff
I dare say probably any of these can be combined with Mfilter which I'm
probably the main developer of at the moment. Works with sendmail and Exim
that we've tried so far but is probably easily adapted to others, worst
case you can run your existing MTA on a different port and write something
to direct the passed emails to it.
You basically receive mail with Obtuse-smtpd listening on port 25, pass it
through Mfilter which is basically a perl script (for the moment) that
performs some check of your chosing (virus scan, custom script, file type
blocking, sender/receiver based blocking) and decides whether the mail
should continue or be trashed/archived. If it's passed it then gets
forwarded (using smtpfwdd) to your regular MTA for onward delivery. Mailed
messages optionally respond to the sender telling them their mail may have
a virus for example (and includes the log - optionally).
There's also a script that does nice pretty statistics and outputs HTML
Grab the latest version out of CVS off SourceForge, the current 'release'
is truly ancient, the CVS one is stable enough and runs in a user context
rather than as root.
Phone/fax: 02 4950 1194
Mobile: 0408 686 201