> John Madden wrote: > > >> I'm running postfix; I won't run qmail. > > Well, at least you have some redeeming points :) > > But, (getting into sermon mode once again), anyone who relies solely on > only one point of detection for any type of mail content inspection, are > literally bending over and begging for it. > > Every type of content detector, be it virus, spam or exploits, will at > times lag. Fact of life. > I run clamav as my inbound mail server (for a small company of about 30 users) and run McAfee on their desktops. A few months ago, a virus made it past BOTH scanners. Within 2-3 hours of the outbreak, both clam ,McAfee, and Norton had updated defs files ... both automatically installed.
Short of delaying mail by hours, you can't catch 100%. User training is a major factor as well .... don't open attachments from strangers :) > I do, and admit freely, only run Clam for virus detection these days, but > I know there will be rare occasions that it misses something. However, > most of this crap will fall prey to many other types of content > inspection. Design a proper scanning|detection system, do not wholly rely > on the individual components. > > And with regards to the update times, I previously ran several virii :) > scanners on this system, and not one of them compared to Clam for > detection rates or definition update speed over a prolonged period of > time. > > > Matt > _______________________________________________ > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > -- Ken Jones _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
