Menu
▾
▴
RE: [webmin-l] virus scanner
|
From: Vernon J. S. <ve...@ve...> - 2005-09-26 02:07:26
|
Clam AV is a really good mail scanner and there is a lot of docs on them. ------------------------------------------ Vernon J. Spangler http://www.vernonspangler.org/ (520) 990-1863 Cell ve...@ve... ------------------------------------------ Powered by Windows XP Professional Sent by Microsoft Outlook 2003 -----Original Message----- From: Daniel Pittman [mailto:da...@ri...] Sent: Sunday, September 25, 2005 6:47 PM To: Craig White Cc: web...@li... Subject: Re: [webmin-l] virus scanner Craig White <cra...@az...> writes: > On Mon, 2005-09-26 at 10:54 +1000, Daniel Pittman wrote: >> da...@so... writes: >> >> > I was wondering what the word on the street is on the MailScanner >> > software. I note there's a webmin module written for it. Just >> > wondering about functionality, scalibility, and upgrading. >> >> The scanning, etc, side of MailScanner works very well -- as well as >> anything else out there, basically. >> >> Personally, I wouldn't deploy it even if someone paid me, though. >> >> MailScanner depends, by design, on poking around in the innards of the >> mail queues of the mailers it uses. This is ... an interesting >> approach, since none of the major mailers actually document the queues, >> or expect random software to poke at them. >> >> It does basically work, but I really don't feel comfortable depending on >> a package that uses as undocumented and unsafe interface to process my >> email. >> >> >> I would recommend, rather, the 'amavisd-new' package, which does a much >> finer job of using standard, documented interfaces to pass email around. > > fwiw, I use mailscanner with both sendmail and postfix mta's and have > had no problems with it whatsoever. Different strokes for different > folks I guess. Oh, I don't question that MailScanner *works*. I just question the wisdom of using a product that explicitly depends on undocumented, internal features of other product to function correctly. When Postfix or Sendmail decide to change their internal queue format, which has happened before and will doubtless happen again, MailScanner will no longer function correctly. The author of Postfix, at least, has explicitly stated that this sort of fiddling with the internal queues is not supported, as well. I believe that it currently works by accident, rather than design, as it doesn't update all the related internal information. So, it isn't that MailScanner will fail to work today that bothers me. It works, and does a decent job. What bothers me is that it *will* break at some unknown point in the future. When it does, it may not just stop working, it may well corrupt every bit of email that passes through it. /That/ is what I worry about. I don't want to have to find out if there have been any changes to the mail queue handling in Postfix or whatever before I apply a security patch. I want things to just work. Pretty much every other mail scanner out there uses documented, public protocols and interfaces, so I can trust 'em to keep working right when things change. MailScanner doesn't. Now, sure, you may not care about that, and if you don't, go ahead and use MailScanner. It will work, for now. :) Daniel ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php - Forwarded by the Webmin mailing list at web...@li... To remove yourself from this list, go to http://lists.sourceforge.net/lists/listinfo/webadmin-list |
