On 23/08/04 10:53 +0530, Sameer D. Sahasrabuddhe wrote:
On Sun, Aug 22, 2004 at 10:35:03PM +0530, Devdas Bhagat wrote:
The setup itself is trivial. Depending on your mail volume, you may want to farm the scanner to another system altogether. Another trick to reduce the load is to use Postfix 2.x which has a built in MIME parser and block attachments with specific extensions (.pif, .com, .exe, .vbs, etc).
What I am specifically looking for is a setup that can eliminate the need to blindly drop zip files. Our servers already use clam with qmail.
More recent versions of amavisd-new identify encrypted zip files and can take action on that.
Is there an auto-learning phase involved? What are the pro's and cons of such auto-learning scanners?
No autolearning phase.
The mail I received mentioned an autolearning phase, hence the question.
I just wanted to cover some ground based on other people's experience before digging. I suppose clam is a safe bet as usual. Any numbers about the performance? Especially missed viruses and false hits.
No missed viruses, two false hits from amavisd-new when someone sent a .dll file (banned by policy, so it had to be pulled out of quarantine).
Devdas Bhagat