Menu
▾
▴
Re: [webmin-l] virus scanner
|
From: Daniel P. <da...@ri...> - 2005-09-26 01:46:56
|
Craig White <cra...@az...> writes:
> On Mon, 2005-09-26 at 10:54 +1000, Daniel Pittman wrote:
>> da...@so... writes:
>>
>> > I was wondering what the word on the street is on the MailScanner
>> > software. I note there's a webmin module written for it. Just
>> > wondering about functionality, scalibility, and upgrading.
>>
>> The scanning, etc, side of MailScanner works very well -- as well as
>> anything else out there, basically.
>>
>> Personally, I wouldn't deploy it even if someone paid me, though.
>>
>> MailScanner depends, by design, on poking around in the innards of the
>> mail queues of the mailers it uses. This is ... an interesting
>> approach, since none of the major mailers actually document the queues,
>> or expect random software to poke at them.
>>
>> It does basically work, but I really don't feel comfortable depending on
>> a package that uses as undocumented and unsafe interface to process my
>> email.
>>
>>
>> I would recommend, rather, the 'amavisd-new' package, which does a much
>> finer job of using standard, documented interfaces to pass email around.
>
> fwiw, I use mailscanner with both sendmail and postfix mta's and have
> had no problems with it whatsoever. Different strokes for different
> folks I guess.
Oh, I don't question that MailScanner *works*. I just question the
wisdom of using a product that explicitly depends on undocumented,
internal features of other product to function correctly.
When Postfix or Sendmail decide to change their internal queue format,
which has happened before and will doubtless happen again, MailScanner
will no longer function correctly.
The author of Postfix, at least, has explicitly stated that this sort of
fiddling with the internal queues is not supported, as well. I believe
that it currently works by accident, rather than design, as it doesn't
update all the related internal information.
So, it isn't that MailScanner will fail to work today that bothers me.
It works, and does a decent job.
What bothers me is that it *will* break at some unknown point in the
future. When it does, it may not just stop working, it may well corrupt
every bit of email that passes through it.
/That/ is what I worry about. I don't want to have to find out if there
have been any changes to the mail queue handling in Postfix or whatever
before I apply a security patch.
I want things to just work. Pretty much every other mail scanner out
there uses documented, public protocols and interfaces, so I can trust
'em to keep working right when things change.
MailScanner doesn't. Now, sure, you may not care about that, and if you
don't, go ahead and use MailScanner. It will work, for now. :)
Daniel
|
