-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 14 Apr 2010, Sven wrote:
I see a leakage with on-access virus scanning while using IMAP. Imagine users
are sharing mailboxes, one uploading malware via imap, others downloading it
via imap.
Another one is the above mentioned virus scanner update.
Scanning in the MUA is nice but can't deliver 99% sureness. I can't control
every client.
In my next setup there will be a SSL/SASL only configuration. So proxies will
have problems and are one more possible point of failure (and need
maintenance).
The only solution i see for this is a general AV-daemon or something like
dazuko to scan whole disk activity. Weekly scans of the whole filesystem are
usefull anyway.
Or some dovecot filter plugin.
You've mentioned to not scan on the mail server, didn't you?
Well, the protocol-aware firewall can act as proxy itself, hence, decrypt
the connection itself and forwards the commands as plain text.
Or use another Dovecot instance for proxying and decrypting and put the
scanner in between the Dovecot proxy and the backend Dovecot.
Regards,
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS8WkI7+Vh58GPL/cAQKCoQf/a75CgIwRiRbmu2uB+TErgdCK4mGxsiRC
PotZ2oCs8D0jkPEOclkGHECEwCCq7WY0TRjDveHcIXjbn4YVjKJECu4bHfEpfoxo
3Bns+Z9g/NqZupbp7m8JFnJagYdp4dhbHqvQPC44DTzLgO5gdnM5+z3KsVh7c/lN
pSk7zxrvoxI96H73mWzs3mM63WS/4ZWC/1ACZMKGX7zQcKiwWCJwMLrXL0/EKjdW
jyzJ/iqluCKSKZVIEXI6I29CBWrLqVwFlJNxUBi8HsY/uACfHGNL9KrvNnGEUfUW
07TErTobeatm6LnTUOJcyEK8Yu9FPX79w0lo2O6x24o8UIiojtc6jw==
=isH/
-----END PGP SIGNATURE-----