RAV AntiVirus for Qmail
Dear Qmail users, GeCAD Software is glad to announce you the last release of RAV AntiVirus for Mail Servers: http://www.ravantivirus.com The product is available for: Linux, FreeBSD, OpenBSD. Subject: 1. RAV AntiVirus for Mail Servers new release 2. Protect critical company data! 3. Improve your ISP services! 4. Make RAV work your way! 5. New and flexible licensing scheme! 6. Update services 7. Our technical support is here for you! 8. Discussion lists and info 1. RAV AntiVirus for Mail Servers protects your e-mail stream directly from the mail server. It doesn't matter in which format type the messages are sent and received, or how many attachments they have: deep down in your Mail Server, RAV AntiVirus will be watching, detecting and removing all threats. 2. Protect critical company data! Defend your critical data from viruses before they can penetrate and spread in your company! Big corporations with demanding security policies and small companies with limited budgets can both protect their internet traffic at a proper cost. No matter the size of your company you can acquire different packages, depending on your needs of protection. 3. Improve your ISP services! RAV AntiVirus is the perfect solution for the ISP's Mail Servers, which are dealing with heavy traffic and large amount of clients. RAV AntiVirus can improve the services to your customers by scanning the email flow and add protection against viruses for the domains hosted, allowing you to purchase security on a growing basis through a special acquisition program. 4. Make RAV work your way! RAV AntiVirus for Mail Servers is flexible and scalable, allowing independent configuration of the scanning module, fully independent from the Mail Server. In the configuration file you can customize the actions to be taken by RAV when detecting a virus - clean, rename, delete, ignore - and benefit of advanced features, like warning the sender, warning the target or warning a third party (for example server administrator) when detecting an external threat. Also, all the messages generated by RAV AntiVirus can be edited to fit your language and the security policy of your company. 5. New and flexible licensing scheme! The more you buy - the less you pay for each internet domain! RAV AntiVirus for Mail Servers can be purchased through an exceptionally scalable Licensing Program, with a special price depending of the number of domains protected by RAV and unlimited number of mailboxes. You can buy the number of licenses that suites you better, and, in time, as your company grows, you can acquire additional licenses. The Licensing scheme includes 1 year Free Updates and full technical support. 6. Update services! When purchasing a RAV product, the license includes one year Updates. The Updates includes: - new virus signatures - engine extensions - completely new versions of the product - availability of the technical support services By purchasing the update you will always have the latest version of the product, with the most up to date virus signature database. You can extend the update services by purchasing Update Extension at only 20% of the product value per annum! 7. You are not alone - our technical support is here for you! RAV AntiVirus Desktop license includes Technical Support by: - e-mail; - phone support, 24 x 7 x 365, offered by your local distributor or by GeCAD Software; - participating to specific Discussion Lists. - You can even have a Personal Technical Advisor at your disposal for an additional fee. 8. We invite you to join our discussion lists: http://www.ravantivirus.com/browse.php/lists/about For any additional information, or any suggestion (technical or commercial), please contact us at: [EMAIL PROTECTED] Best regards, Mihai Serban -- Software Developer - GeCAD The Software Company Tel./Fax: +40-1-321.78.03; Hotline: +40-1-321.78.59; Please visit http://www.gecadsoftware.com; http://www.ravantivirus.com
Re: RAV AntiVirus for Qmail
* Mihai Serban [EMAIL PROTECTED] [010625 11:33]: Dear Qmail users, [snip] Dear Mihai, Please add me to your list of people who will never use your service or software. Your advertisement is NOT appreciated on this mailing list, certainly not by me and likely not by others. /pg -- Peter Green : Architekton Internet Services, LLC : [EMAIL PROTECTED] --- Many computer scientists have fallen into the trap of trying to define languages like George Orwell's Newspeak, in which it is impossible to think bad thoughts. What they end up doing is killing the creativity of programming. --- Larry Wall
how do we integrate antivirus with qmail
hi all how do i integrate antivirus scanner for incoming and out going mails. i have qmail+vpopmail+mysql any help will appriciate
Re: how do we integrate antivirus with qmail
http://qmail-scanner.sourceforge.net Jeff Palmer [EMAIL PROTECTED] At 02:59 PM 6/14/01 +0530, you wrote: hi all how do i integrate antivirus scanner for incoming and out going mails. i have qmail+vpopmail+mysql any help will appriciate
Re: how do we integrate antivirus with qmail
hi all how do i integrate antivirus scanner for incoming and out going mails. i have qmail+vpopmail+mysql any help will appriciate http://qmail-scanner.sourceforge.net All information you need should be there. Cheers Lars Hansson Technical Consultant Unet Inc., Philippines
Re: AntiVirus
The best antivirus for qmail is AVP www.avp.ru D. Riera GARGIULO Eduardo INGDESI wrote: Hi all. Where can I find information about antivirus for qmail (scan incomming and outgoing messages)? thanks --yapedu
Re: AntiVirus
Hi, RAV AntiVirus can help you: http://www.ravantivirus.com regards, Mihai GARGIULO Eduardo INGDESI wrote: Hi all. Where can I find information about antivirus for qmail (scan incomming and outgoing messages)? thanks --yapedu -- Software Developer - GeCAD The Software Company Tel./Fax: +40-1-321.78.03; Hotline: +40-1-321.78.59; Please visit http://www.gecadsoftware.com; http://www.ravantivirus.com
AntiVirus
Hi all. Where can I find information about antivirus for qmail (scan incomming and outgoing messages)? thanks --yapedu
RE: AntiVirus
http://qmail-scanner.sourceforge.net/ -Original Message- From: GARGIULO Eduardo INGDESI [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 05, 2001 12:29 PM To: qmail list Subject: AntiVirus Hi all. Where can I find information about antivirus for qmail (scan incomming and outgoing messages)? thanks --yapedu
Re: AntiVirus
At 14:28 05.06.01 -0300, GARGIULO Eduardo INGDESI wrote: Hi all. Where can I find information about antivirus for qmail (scan incomming and outgoing messages)? thanks --yapedu Try http://www.math.ntnu.no/mirror/www.qmail.org/top.html#microsoft Or any other mirror +--Sent from homeoffice--+ Hans Sandsdalen Phone Work: +47 77 66 08 09 System Manager Fax: +47 77 65 58 59 Tromsoe - Norway http://www.spacetec.no/~hans/ Kongsberg Spacetec a.s
antivirus for AIX 4.3.3
hello friends can some one please tell me which antivirus software is available for AIX platform and can be used with Amavis and qmail running on IBM AIX 4.3.3. i know only one sophos , any other is there thank regards Prashant Desai
Re: antivirus for AIX 4.3.3
hello friends can some one please tell me which antivirus software is available for AIX platform and can be used with Amavis and qmail running on IBM AIX 4.3.3. i know only one sophos , any other is there thank regards Prashant Desai You can try the McAfee anti-virus 4.14.0 with AMaVis+qmail packages. I use it on every server I build, and works wonderfully. And for DAT update, just build a little bash script, powered by wget ;) www.nai.com / www.mcafee.com Best Regards, -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eduardo Augusto Alvarenga - Analista de Suporte - #179653 Blumenau - Santa Catarina. Tel. (47) 9102-3303 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Re: antivirus for AIX 4.3.3
thanks a lot Augusto but is that Anti-virus softwrae available for AIX 4.3.3 platform , thnaks regards Prashant Desai Sure ;) And also, Linux, *BSD, Solaris, BSDi, SunOS and any other UNIX relevant system. Get a evaluation version on McAfee web site (I suggest to buy a copy, it's cheap whatever). Look for the package TVD - Total Virus Defense. B.R. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eduardo Augusto Alvarenga - Analista de Suporte - #179653 Blumenau - Santa Catarina. Tel. (47) 9102-3303 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Re: antivirus for AIX 4.3.3
Eduardo Augusto Alvarenga wrote: hello friends can some one please tell me which antivirus software is available for AIX platform and can be used with Amavis and qmail running on IBM AIX 4.3.3. i know only one sophos , any other is there thank regards Prashant Desai You can try the McAfee anti-virus 4.14.0 with AMaVis+qmail packages. I use it on every server I build, and works wonderfully. And for DAT update, just build a little bash script, powered by wget ;) Are there any documents describing the process step-by-step ? (I mean AMaVis and qmail integration). Cheers, Lukasz
Re: antivirus for AIX 4.3.3
Are there any documents describing the process step-by-step ? (I mean AMaVis and qmail integration). Cheers, Lukasz The AMaVis anti-virus documentations are very complete, describes all the steps for qmail integration and other MTAs. Check it out at http://amavis.org B.R. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eduardo Augusto Alvarenga - Analista de Suporte - #179653 Blumenau - Santa Catarina. Tel. (47) 9102-3303 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
antivirus
Hi, I need an antivirus who works with qmail in order to scan all the emails that are going thru my server, incoming and outgoing. Do you know such thing? If posible to be freeware and up to date. Ciprian Iftode, Professional Systems Romania str. Moara de Foc, nr.35, et.5, Iasi, 6600 tel/fax: +40-32-219907 Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such a case, you should destroy this message and kindly notify the sender by reply e-mail.
antivirus
Hi, could you recommend me some antivirus who will work with qmail in order to scan all emails that are going thru the server, incoming and outgoing. Freeware if is posible. 10x Ciprian Iftode, Professional Systems Romania str. Moara de Foc, nr.35, et.5, Iasi, 6600 tel/fax: +40-32-219907 Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such a case, you should destroy this message and kindly notify the sender by reply e-mail.
Re: antivirus
Ciprian Iftode [EMAIL PROTECTED] wrote: I need an antivirus who works with qmail in order to scan all the emails that are going thru my server, incoming and outgoing. Do you know such thing? www.qmail.org has the information you need. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: antivirus
Ciprian Iftode [EMAIL PROTECTED] wrote: Hi, could you recommend me some antivirus... I already answered your question earlier today. Please re-read it, and then go read what I told you to read in that message. Your answer is there. Re-posting the question with no changes wastes the time of everyone on the mailing list, and is considered rude behaviour. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
RE: antivirus
there's a commercial package of AVP for linux available. http://www.avp.ch we've bought it but not yet installed, it is said to be compatible with qmail. Fred. Beleteau -Message d'origine- De : Charles Cazabon [mailto:[EMAIL PROTECTED]] Envoye : vendredi 23 mars 2001 17:02 A : [EMAIL PROTECTED] Objet : Re: antivirus Ciprian Iftode [EMAIL PROTECTED] wrote: I need an antivirus who works with qmail in order to scan all the emails that are going thru my server, incoming and outgoing. Do you know such thing? www.qmail.org has the information you need. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Antivirus which can clean any infected mail
Dear all, I am loooking for an antivirus which can scan as well as clean my all incoming and outgoing mails, i am allready using amavis with mcafee. But with amavis only scaning is happening not cleaning . And i am looking for cleaning option . Can you pl suggest me any ? Or is it poosible to clean mail also woth amavis ? Regards lokesh
RAV AntiVirus for Qmail
Dear Linux users, We are happy to announce that we have just issued a RAV AntiVirus version for Qmail. This beta version is now available on our site http://www.ravantivirus.com - free download, and we would really appreciate your feedback if you would take a time to install and run it! Thank you and enjoy it! Mihai Serban Software Developer - GeCAD The Software Company Tel./Fax: +40-1-321.78.03; Hotline: +40-1-321.78.59; Please visit http://www.gecadsoftware.com; http://www.ravantivirus.com Please visit us in Halle 2, c03, CeBIT - Hanovra 22-28 March 2001
Re: qmail+antivirus question
On Tue, Feb 06, 2001 at 03:59:29PM +0100, Tore Micaelsen wrote: Can anyone point me in the right direction? This should be easy to add to qmail-scanner... (perl) It's even planed AFAIK. Olivier -- _ Olivier Mueller - [EMAIL PROTECTED] - PGPkeyID: 0E84D2EA - Switzerland qmail projects: http://omail.omnis.ch - http://webmail.omnis.ch PGP signature
Re: AntiVirus!
On Tue, Dec 05, 2000 at 10:58:41AM -0500, [EMAIL PROTECTED] wrote: c) reminding users that, like the Canadian Inuit, who have 500 different words for "snow", that the German language has 1000 different words for "stupid". it hasn't, but it has thousands of ways to express ones stupidness. Could we now please stop this my-country-is-better-than-yours stupidity before it get's worse? Regards, Uwe
Re: AntiVirus!
On Tue, 5 Dec 2000, Nathan J. Mehl wrote: Um, ISTR that the Morris Worm did a pretty good job of spreading over heterogeneous UNIX-like systems over a variety of transports. The worm did not infect more than 10 % of all hosts. This estimate is based on the extrapolation of the number of infected hosts at MIT. A poll done by people at Harvard suggests the actual number for all Internet hosts may have been considerably smaller, approx. 1,000-3,000 hosts out of 60,000, i.e. 2-5 %. Unfortunately, one can only guess how many of those hosts were unix-like machines. Anyway, the numbers is not very impressive compared to what could be accomplished with "Microsoft monoculture" or any other monoculture (hmmm...a devil's advocate question: what would happen if qmail was the only MTA in the known universe?). --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
RE: AntiVirus!
Lipscomb, Al [EMAIL PROTECTED] writes on 5 December 2000 at 09:20:05 -0500 Al, please don't talk about stuff you don't understand. It's not a "product", it's free software. Wrong. Talked to an attorney last night who specializes in this kind of litigation. Person(s) X wrote code and person Y suffered a loss as a result of using that code. It does not matter if a "charge" or "payment" is involved. This is one of the interesting areas for Open Source software. Various attorneys have various opinions; I believe that this has not been definitively settled, or even close, in actual case law. Until there is precedent, it's still relatively open. And if there was any precedent for taking a software maker to a court for his bad software quality, California would have to declare bankruptcy. Then you have more problems that a few free software hackers. When did California become known for software manufacture? Are you thinking of Washington? Oh, sometime in the 60's. You are behind, aren't you? -- David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED] SF: http://www.dd-b.net/dd-b/ Minicon: http://www.mnstf.org/minicon/ Photos: http://dd-b.lighthunters.net/
RE: AntiVirus!
Al, please don't talk about stuff you don't understand. It's not a "product", it's free software. Wrong. Talked to an attorney last night who specializes in this kind of litigation. Person(s) X wrote code and person Y suffered a loss as a result of using that code. It does not matter if a "charge" or "payment" is involved. And if there was any precedent for taking a software maker to a court for his bad software quality, California would have to declare bankruptcy. Then you have more problems that a few free software hackers. When did California become known for software manufacture? Are you thinking of Washington?
Re: AntiVirus!
Thus spake Stuart Young ([EMAIL PROTECTED]): I disagree with the assertion that virus scanners are non-solutions. On the mail servers I run, I have installed some simple virus scanning software, and it has, up to now, filtered out lots of incoming virii and trojans, as well as a few outgoing virii (which alerted me as to who was infected, and allowed me to advise the IT folks so they could go clean it up). Its not a perfect solution, but its far better than nothing, and results in our location not becoming a source for that kind of garbage. Let me get this straight. Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. I don't see how you got "All" out of "filtered out lots of incoming virii and trojans", which clearly does not say it covers everything. Please stop generalizing. Stuart, do you know the difference between "incoming" and "outgoing"? Are you aware of the meaning of "to become"? It implicates that you aren't already. In Europe, Elementary Schools have more professional IT departments than that. IT Departments are there to solve user problems, and to solve company/institution problems. A virus can quite happily be both. I have seen a number of 'network/computer issues' (outside of the office I am in) that have been related to virii causing unpredictable behavior. Ignoring the problem only allows it to fester, and will only make the final cleanup (which will most definitely be the IT Departments problem) much longer, problematic, and far more costly. How much does your company/institution price it's data, and it's down-time? My company does not have downtimes because of viruses. What do you mean with "computer issues"? I don't think I have those in my company. People will only notice the system administrator when something is broken. So, the job of the system administrator is to be invisible. And what operating system your network clients run is not always your decision to make. Of course it is. Otherwise you should leave the company to their doom. Technical decisions have to be made by the technicians who have to work with the stuff later. If that is not the case in your company, it is doomed to failure and misery and in the end it will be blamed on you nonetheless. A virus scanner isn't the whole solution. But it's a part of a solution that is definitely worth investigating. It may not necessarily be part of your solution, but your solution isn't necessarily good for anyone else either. Which part of the reasoning against virus scanners didn't you understand? You repeat exactly the same marketing lingo that the others guys also used. Is there some secret mind control conspiracy abound that makes people repeat phrases like "virus scanners are [...] a solution"? I don't get it. Is none of the Windows users open to rational arguments? Felix
Re: AntiVirus!
Thus spake Milen Petrinski ([EMAIL PROTECTED]): This is the biggest lie of computing: that there is no choice. Everyone has hundreds of options, but the American culture apparently revolves around taking the wrong choice, blaming it on circumstances and whining about the consequences. Just an example: You are installing a new mail server for a company, that uses Windows on their workstations. Than the boss says "What about viruses?" - will you reinstall all the machines,s OSes with *ix and teach them use it? I then tell the boss that his business is doomed unless he wipes Windows off his machines. I did this before and I will do this again. Sometimes the boss then asks me to train users, and as long as he pays me for it, why shouldn't I do it? Felix
Re: AntiVirus!
On Mon, Dec 04, 2000 at 04:18:52PM -0600, "John W. Lemons III" [EMAIL PROTECTED] wrote: I agree with this as well, but certainly you can see that there is some level of benefit from a two (or three) tier approach to virus detection/prevention. How does doing virus checking twice help? It should be done once when it is first loaded on to the client machine. It seems to me that one of the major solutions to this problem would be real OS level security on more machines (ie not windows). The big problem there is cost, training, availability of software, politics, user acceptance, etc etc ad nauseum. No the problem is active documents. These can cause problems under any moderately useful OS. When people get files that act as though they are read only, it is a good idea to make sure that they really are read only so that it isn't easy to fool people. Windoze doesn't have a monopoly on active document formats. Latex/Tex and Postscript (though unix postscript readers generally don't allow the dangerous functions to work) both allow for active documents that can cause problems. Their idea of running files that are clearly labelled as programs from web pages and email messages without really making sure the user understands the risk, is something I do think they have a monopoly on.
Re: AntiVirus!
On Tue, 5 Dec 2000, Felix von Leitner wrote: People will only notice the system administrator when something is broken. So, the job of the system administrator is to be invisible. So you are saying, the job of the system adminsitrator doesn't include a) removing your www permissions because you remind him he has hairy legs b) changing your password because it's Tuesday and you forgot to send the weekly installment of "Debbie does BOFH" c) reminding users that, like the Canadian Inuit, who have 500 different words for "snow", that the German language has 1000 different words for "stupid". -- Kate http://www.katewerk.com
Re: AntiVirus!
On Tue, 05 Dec 2000 02:18:33 +0100, Felix von Leitner wrote: By the way, about the discussion about the net worth of virus scanners, please have a look a the email I just got (no, I am not making this up): I can verify this---I too received a similar bounce from their group and sent them back a *fix your MTA* email. They responded and said that they had removed the person that was subscribed (not fixing the root of the problem). In fact, it was to the same [EMAIL PROTECTED] address. Andy
RE: AntiVirus!
To repeat what I said yesterday, I apologize for some of you getting that crap from our corporate mail server which has (in my opinion) overzealous virus and spam protection enabled. But those aren't my mail servers to govern and many of my coworkers have shown the inability to refrain from double clicking on binary attachments. So arguments I voice are ignored. -- Michael Boyiazis [EMAIL PROTECTED] Mail Architect, NetZero, Inc. -Original Message- From: Andy Bradford [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 05, 2000 9:52 AM To: [EMAIL PROTECTED] Subject: Re: AntiVirus! On Tue, 05 Dec 2000 02:18:33 +0100, Felix von Leitner wrote: By the way, about the discussion about the net worth of virus scanners, please have a look a the email I just got (no, I am not making this up): I can verify this---I too received a similar bounce from their group and sent them back a *fix your MTA* email. They responded and said that they had removed the person that was subscribed (not fixing the root of the problem). In fact, it was to the same [EMAIL PROTECTED] address. Andy
Re: AntiVirus!
In the immortal words of Felix von Leitner ([EMAIL PROTECTED]): A good attack agent could spread itself using SMTP, RPC, FTP and IRC all at the same time. Yeah, and pigs can fly. The only people who would have a reason to spend the massive amounts of time and money on this purely destructive work are the military. Um, ISTR that the Morris Worm did a pretty good job of spreading over heterogeneous UNIX-like systems over a variety of transports. And despite his father's connections, RTM himself was basically a bored college student. Of course, we're so much smarter now that this could never happen, right? Of course. -n, going back to ignoring this thread --[EMAIL PROTECTED] Dressing like your sister / living like a tart / you don't know what you're doing / babe, it must be art! (--U2) http://www.blank.org/memory/--
Re: AntiVirus!
On Tue, Dec 05, 2000 at 06:54:01PM -0500, "Nathan J. Mehl" [EMAIL PROTECTED] wrote: Um, ISTR that the Morris Worm did a pretty good job of spreading over heterogeneous UNIX-like systems over a variety of transports. And despite his father's connections, RTM himself was basically a bored college student. The Morris worm didn't affect many different kinds of systems. We weren't shutdown because our main system was a Tahoe unix system.
Re: AntiVirus!
This is the biggest lie of computing: that there is no choice. Everyone has hundreds of options, but the American culture apparently revolves around taking the wrong choice, blaming it on circumstances and whining about the consequences. Just an example: You are installing a new mail server for a company, that uses Windows on their workstations. Than the boss says "What about viruses?" - will you reinstall all the machines,s OSes with *ix and teach them use it? Teach them to use all the new softwere? Are you able to do that? I suppose not, so there are situations, where there IS no choise. To be honest: I don't care at all what OS he is using. I just can't stand his whining. Felix
Re: AntiVirus!
* [EMAIL PROTECTED] writes: I've been thinking of a scheme in which attachments of certain "dangerous" types get mangled, such that the filenames or types are intentionally misdeclared. So the user ends up with a plain base64 text file, which is meaningless, but which he can trivially decode to the original. Check your favourite seach engine for "Email security through procmail" aka Anomy, it does just that. This places the burden of vigilance back on the user where it belongs, rather than breeding a generation of click-happy users. And if he does decode and run it, and it is a virus, you can point a very accusing finger instead of a palms-up shrug. That won't work because a) even the worst luser soon finds out how to save and rename the files, and b) you won't be able to take the heat from your bosses. -- Robin S. Socha http://socha.net/
Re: AntiVirus!
Thus spake [EMAIL PROTECTED] ([EMAIL PROTECTED]): I've been thinking of a scheme in which attachments of certain "dangerous" types get mangled, such that the filenames or types are intentionally misdeclared. So the user ends up with a plain base64 text file, which is meaningless, but which he can trivially decode to the original. This places the burden of vigilance back on the user where it belongs, rather than breeding a generation of click-happy users. And if he does decode and run it, and it is a virus, you can point a very accusing finger instead of a palms-up shrug. While this sounds good, it does not solve the problem. This is about shifting the blame, not solving the problem, which is that users run insecure operating systems. As long as people run Windows, there will be a virus and trojan problem. I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. And because most governments use Windows, this is even paid for by tax payer's money. Felix
Re: AntiVirus!
Thus spake [EMAIL PROTECTED] ([EMAIL PROTECTED]): I've been thinking of a scheme in which attachments of certain "dangerous" types get mangled, such that the filenames or types are intentionally misdeclared. So the user ends up with a plain base64 text file, which is meaningless, but which he can trivially decode to the original. This places the burden of vigilance back on the user where it belongs, rather than breeding a generation of click-happy users. And if he does decode and run it, and it is a virus, you can point a very accusing finger instead of a palms-up shrug. While this sounds good, it does not solve the problem. This is about shifting the blame, not solving the problem, which is that users run insecure operating systems. As long as people run Windows, there will be a virus and trojan problem. I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. People will allways use Windows, no matter what the sysadmins say. The "lusers" want buttons, F1 and plug'n'play. The problem is not the OS security - most of the times there is no choise. The man askes for an antivirus softwere, not for compare between OSes.
Re: AntiVirus!
Thus spake Milen Petrinski ([EMAIL PROTECTED]): People will allways use Windows, no matter what the sysadmins say. Then ignore that minority group and don't prolong their agony by giving them access to non-solutions like virus scanners. The "lusers" want buttons, F1 and plug'n'play. Buttons and F1 they can have on all platforms, plug and play has never been farther away from reality as on Windows. The problem is not the OS security - most of the times there is no choise. The man askes for an antivirus softwere, not for compare between OSes. This is the biggest lie of computing: that there is no choice. Everyone has hundreds of options, but the American culture apparently revolves around taking the wrong choice, blaming it on circumstances and whining about the consequences. To be honest: I don't care at all what OS he is using. I just can't stand his whining. Felix
Re: AntiVirus!
* Milen Petrinski [EMAIL PROTECTED] writes: Thus spake [EMAIL PROTECTED] ([EMAIL PROTECTED]): I've been thinking of a scheme in which attachments of certain "dangerous" types get mangled, such that the filenames or types are intentionally misdeclared. So the user ends up with a plain base64 text file, which is meaningless, but which he can trivially decode to the original. While this sounds good, it does not solve the problem. This is about shifting the blame, not solving the problem, which is that users run insecure operating systems. People will allways use Windows, no matter what the sysadmins say. The "lusers" want buttons, F1 and plug'n'play. They don't want F1. That's one of the problems. The problem is not the OS security - most of the times there is no choise. Look, when I was in larval stage, nobody got fired for buying IBM and WP hat 90% of the market. There was "no choice". Or was there? Now it's basically the same. Linux is here to stay and Unix is gaining an ever stronger foothold in the server market. The next big thing will be "thin clients" or WebTV or whatever - client/server in any case. There *will* be choice. The man askes for an antivirus softwere, not for compare between OSes. The man is perpetuating a problem, not trying to solve it. Dealing with company email is not a software thing, it's a matter of your Acceptable Use Policy". Ours clearly states that opening mails from an unknown source is a reason for being dismissed. It's as easy as that. Granted, spoofing an address is not that difficult, but such an AUP makes people /think/ - that's worth more than 500 virus scanners. Remeber ILOVEYOU? No virus scanner on earth would have prevented that. And as long as there is closes commercial software (read: Windows), there will be security exploits by the dozen. Anyway - it's not a mailserver thing, so reply-to set. -- Robin S. Socha http://socha.net/
RE: AntiVirus!
Remeber ILOVEYOU? No virus scanner on earth would have prevented that. from my logs Sanitizing MIME attachment headers in "I love you" from [EMAIL PROTECTED] to xx msgid=snip Trapped poisoned executable "LOVE-LETTER-FOR-YOU.TXT.vbs". We didn't get a single infected machine. The mail server stopped all of them. there is closes commercial software (read: Windows), there will be security exploits by the dozen. There are plenty of security exploits for open source software as well. That's a non-argument. The one major advantage open source software seems to have is that the fix is available usually within hours of the exploit being revealed (if admins keep up with them). Meanwhile MS or whoever is still denying there is a problem.
RE: AntiVirus!
As long as people run Windows, there will be a virus and trojan problem. And Unix is immune to Trojans and worms? With attacks getting more sophisticated I can see a day when an email would arrive and the MUA would be attacked via a buffer overflow in the header, use a local host exploit to root the box and then spread from there. With the high band pass available to more and more locations I can see such an attack pulling along multiple megabytes of payload to even allow cross platform attack code to be included. A good attack agent could spread itself using SMTP, RPC, FTP and IRC all at the same time. I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. Be careful what you wish for. Once the lawsuits start the Open Source world is getting deeper pockets and therefore becoming a target.
Re: AntiVirus!
On Mon, Dec 04, 2000 at 12:59:54PM +0100, Felix von Leitner wrote: I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. They can't sue microsoft. They "accepted" a license that says Microsoft isn't responsible blah blah blah. --Adam -- Adam McKenna [EMAIL PROTECTED] | "No matter how much it changes, http://flounder.net/publickey.html | technology's just a bunch of wires GPG: 17A4 11F7 5E7E C2E7 08AA| connected to a bunch of other wires." 38B0 05D0 8BF7 2C6D 110A| Joe Rogan, _NewsRadio_ 2:21pm up 177 days, 12:37, 9 users, load average: 0.00, 0.00, 0.00
Re: AntiVirus!
On Mon, Dec 04, 2000 at 12:22:43PM -0600, John W. Lemons III wrote: Then ignore that minority group and don't prolong their agony by giving them access to non-solutions like virus scanners. I disagree with the assertion that virus scanners are non-solutions. me too. On the mail servers I run, I have installed some simple virus scanning software, and it has, up to now, filtered out lots of incoming virii and trojans, as well as a few outgoing virii (which alerted me as to who was infected, and allowed me to advise the IT folks so they could go clean it up). Its not a perfect solution, but its far better than nothing, and results in our location not becoming a source for that kind of garbage. wrong. You pretend to provide security, but in reality you still allow your clients to behave stupid and catch a virus. btw: what's your IT department good for? Reinstalling windows after it got infected by a virus? If that happened on an important machine - with valuable data - they shouldn't be allowed to do so, instead they should be fired, possibly together with the user. A virus might happen on a sandbox. Nowhere else. I recognize that people seem to see virus as got-sent, but they aren't. A virus infection is a sign that someone - and possibly also the ones who should have teached that someone - made an error. Regards, Uwe
Re: AntiVirus!
* John W Lemons [EMAIL PROTECTED] writes: Remeber ILOVEYOU? No virus scanner on earth would have prevented that. from my logs Sanitizing MIME attachment headers in "I love you" from [EMAIL PROTECTED] to xx msgid=snip Trapped poisoned executable "LOVE-LETTER-FOR-YOU.TXT.vbs". We didn't get a single infected machine. The mail server stopped all of them. True. But you owe the awestruck audience an explanation of what happened to that attachment. Anomy is cool, but ... ;-) there is closes commercial software (read: Windows), there will be security exploits by the dozen. There are plenty of security exploits for open source software as well. That's a non-argument. You're pavloving. I didn't say OSS was secure. I only said that CSS is and will always be a) insecure b) fixed too late. The one major advantage open source software seems to have is that the fix is available usually within hours of the exploit being revealed (if admins keep up with them). Meanwhile MS or whoever is still denying there is a problem. That's what I was trying to say. Oh well... }:- -- Robin S. Socha http://socha.net/
RE: AntiVirus!
wrong. You pretend to provide security, but in reality you still allow your clients to behave stupid and catch a virus. If that happened on an important machine - with valuable data - they shouldn't be allowed to do so, instead they should be fired, possibly together with the user. A virus might happen on a sandbox. Nowhere else. What a silly assertion. In a perfect world, this makes good sense, but the reality is that the work force that we serve is more interested in scientific/academic/business endeavors than in being perfectly trained on how to use their desktop PC, and then summarily fired when they make a mistake. If a level of protection can be provided to make their experience safer, why shouldn't it be. (comments about the incompetence of our IT staff summarily ignored... sorry you feel the need to insult people you don't even know or deal with) A virus infection is a sign that someone - and possibly also the ones who should have teached that someone - made an error. That is true enough, but if the virus can be stopped some of the time before it even reaches the end user, why not?
Re: AntiVirus!
* Lipscomb, Al [EMAIL PROTECTED] writes: I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. Be careful what you wish for. Once the lawsuits start the Open Source world is getting deeper pockets and therefore becoming a target. I /don't/ think so: ,[ GPL http://www.gnu.org/copyleft/gpl.html ] | NO WARRANTY | | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, | REPAIR OR CORRECTION. | | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE | POSSIBILITY OF SUCH DAMAGES. ` Cf. http://www.gnu.org/philosophy/license-list.html -- Robin S. Socha http://socha.net/
RE: AntiVirus!
from my logs Sanitizing MIME attachment headers in "I love you" from [EMAIL PROTECTED] to xx msgid=snip Trapped poisoned executable "LOVE-LETTER-FOR-YOU.TXT.vbs". We didn't get a single infected machine. The mail server stopped all of them. True. But you owe the awestruck audience an explanation of what happened to that attachment. Anomy is cool, but ... ;-) It was sent to a holding directory and a messages was sent to the admin account alerting him of the incident. In this case it was so well known it and the others received by that time were simply deleted rather than analyzed, and the senders were notified. Then we modified the scripts to simply delete them rather than have to spend more time deleting them manually. :) You're pavloving. I didn't say OSS was secure. I only said that CSS is and will always be a) insecure b) fixed too late. Agreed, and sorry to misinterpret your post.
RE: AntiVirus!
* Lipscomb, Al [EMAIL PROTECTED] writes: I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. Be careful what you wish for. Once the lawsuits start the Open Source world is getting deeper pockets and therefore becoming a target. I /don't/ think so: ,[ GPL http://www.gnu.org/copyleft/gpl.html ] | NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY OR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. See the words "TO THE EXTENT PERMITTED BY APPLICABLE LAW". There are lots of places in this world where the law says the person who wrote it or the person who gave it to you can be held liable no matter what they want to disclaim. It depends on _how_ I was harmed by the product in many cases.
Re: AntiVirus!
Quoting John W. Lemons III ([EMAIL PROTECTED]): True. But you owe the awestruck audience an explanation of what happened to that attachment. Anomy is cool, but ... ;-) It was sent to a holding directory and a messages was sent to the admin account alerting him of the incident. In this case it was so well known it and the others received by that time were simply deleted rather than analyzed, and the senders were notified. Then we modified the scripts to simply delete them rather than have to spend more time deleting them manually. :) You should also tell the audience that this happens to /every/ attachment of this kind. Now, since most infections come from MS Word documents, what is your proposed solution? }:-
Re: AntiVirus!
On Mon, Dec 04, 2000 at 02:42:25PM -0600, "John W. Lemons III" [EMAIL PROTECTED] wrote: That is true enough, but if the virus can be stopped some of the time before it even reaches the end user, why not? Because there are costs in doing so. Generally if a person needs antivirus protection for a machine, they really need it for more than email that isn't encrypted. The right place to run it is on their machine, not on the central mail server. The issue with this is making sure they get handsoff updates of dat files. I also think that by using encryption and varient code to do bootstrap decryptionin viruses, it will make writing patterns that catch a virus without generating a lot of false positives much harder.
RE: AntiVirus!
That is true enough, but if the virus can be stopped some of the time before it even reaches the end user, why not? Because there are costs in doing so. True enough, but shouldn't the cost/benefit be calculated on a case by case basis? I can see how in some cases it would be worth it, and in others it would not be worth it. Generally if a person needs antivirus protection for a machine, they really need it for more than email that isn't encrypted. The right place to run it is on their machine, not on the central mail server. The issue with this is making sure they get handsoff updates of dat files. I agree with this as well, but certainly you can see that there is some level of benefit from a two (or three) tier approach to virus detection/prevention. Once again, the cost benefit ratio would come to bear when deciding how many levels of protection would be maintained. I also think that by using encryption and varient code to do bootstrap decryptionin viruses, it will make writing patterns that catch a virus without generating a lot of false positives much harder. Agreed. That's why we pay the anti-virus folks so much money. :) It seems to me that one of the major solutions to this problem would be real OS level security on more machines (ie not windows). The big problem there is cost, training, availability of software, politics, user acceptance, etc etc ad nauseum. If I were king... :)
Re: AntiVirus!
Thus spake John W. Lemons III ([EMAIL PROTECTED]): I disagree with the assertion that virus scanners are non-solutions. On the mail servers I run, I have installed some simple virus scanning software, and it has, up to now, filtered out lots of incoming virii and trojans, as well as a few outgoing virii (which alerted me as to who was infected, and allowed me to advise the IT folks so they could go clean it up). Its not a perfect solution, but its far better than nothing, and results in our location not becoming a source for that kind of garbage. Let me get this straight. Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. And the role of your IT department is to walk around and clean up virus infections. What kind of institution are you working in? "Mom and Pop's Computer Shop South Bryan's Largest Selection of Colored Floppy Disks!"? In Europe, Elementary Schools have more professional IT departments than that. I understand that you don't use windows, so you are probably not aware that this is not a correct statement. I have installed 5 different new pieces of hardware on my windows 2000 machine in the last few months, and in every case they were recognized and drivers installed and configured with no intervention from me other than to hit the ok buttons when it asked it if I wanted to install them. Please ask your maths teacher for the difference between 5 and all It is not so difficult, really. Everyone has hundreds of options, but the American culture apparently revolves around taking the wrong choice, You can't make that kind of universal statement and have any credibility left. We use windows 2000 on many many machines and it serves us well. One of my favourite sayings is: "Everyone has the computing platform he deserves." And for your statements here, you deserve all the Windows 2000 that you can carry. Felix
Re: AntiVirus!
Thus spake John W. Lemons III ([EMAIL PROTECTED]): Trapped poisoned executable "LOVE-LETTER-FOR-YOU.TXT.vbs". We didn't get a single infected machine. The mail server stopped all of them. True. But you owe the awestruck audience an explanation of what happened to that attachment. Anomy is cool, but ... ;-) It was sent to a holding directory and a messages was sent to the admin account alerting him of the incident. In this case it was so well known it and the others received by that time were simply deleted rather than analyzed, and the senders were notified. Now that is impressive. You knew and could detect iloveyou before all the other people in the world? What kind of psychic are you employing? Or do you have some great artificial intelligence mail server that will treat all attachments that are named ".vbs" like poisoned executables and break your users' mail that way? Felix
Re: AntiVirus!
Thus spake Adam McKenna ([EMAIL PROTECTED]): I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. They can't sue microsoft. They "accepted" a license that says Microsoft isn't responsible blah blah blah. The old lady who microwaved her poodle could sue the oven maker? The woman who burnt herself with coffee at MacDonald's could sue them? And you are telling me Microsoft can not be sued for that weapon of mass destruction they call Windows? Well, obviously everyone has the government they deserve. In Europe, you can't disclaim damages that result from negligence on your part. There is currently a discussion whether Microsoft Germany should be held liable for the damages they did in Germany. That cost alone should drive all Microsofts in Europe into bankruptcy. Felix
Re: AntiVirus!
Thus spake Lipscomb, Al ([EMAIL PROTECTED]): As long as people run Windows, there will be a virus and trojan problem. And Unix is immune to Trojans and worms? Unix is so heterogenous that it is next to impossible to write a portable exploit. It will of course always be possible to exploit people's dim wits, though. Under Unix, people do not work as root. A good attack agent could spread itself using SMTP, RPC, FTP and IRC all at the same time. Yeah, and pigs can fly. The only people who would have a reason to spend the massive amounts of time and money on this purely destructive work are the military. As long as organisations like NATO are using Exchange as email server, I have no fear that they might one day acquire the knowledge to pull something like that off. After all, it's all a bunch of fat bureaucrats. I find it astonishing that people don't sue Microsoft for this. A whole industry thrives on Microsoft's bad code quality. Be careful what you wish for. Once the lawsuits start the Open Source world is getting deeper pockets and therefore becoming a target. Oh yes, please, go ahead and sue the Open Source world. I dare you. Hint: it's not an organisation that produces anything you could sue them for. Except maybe slander ;-) Felix
Re: AntiVirus!
Thus spake Lipscomb, Al ([EMAIL PROTECTED]): See the words "TO THE EXTENT PERMITTED BY APPLICABLE LAW". There are lots of places in this world where the law says the person who wrote it or the person who gave it to you can be held liable no matter what they want to disclaim. It depends on _how_ I was harmed by the product in many cases. Al, please don't talk about stuff you don't understand. It's not a "product", it's free software. And if there was any precedent for taking a software maker to a court for his bad software quality, California would have to declare bankruptcy. Then you have more problems that a few free software hackers. Felix
RE: AntiVirus!
Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. Please quote where I indicated perfection. And the role of your IT department is to walk around and clean up virus infections. One of the many roles of the IT staff is maintenance of hardware and software. Whats wrong with that? snip a bunch of childish crap, further verifying your lack of ability to carry on a civilized discussion Never mind answering the above. I see that your answer will be useless.
RE: AntiVirus!
It was sent to a holding directory and a messages was sent to the admin account alerting him of the incident. In this case it was so well known it and the others received by that time were simply deleted rather than analyzed, and the senders were notified. Now that is impressive. You knew and could detect iloveyou before all the other people in the world? I was awake that night as the reports started coming accross the wire. It was trivial to modify my filters and scan the mail boxes before people came in to work the next morning. What kind of psychic are you employing? Do you ever have anything useful to say?
Re: AntiVirus!
On Mon, 4 Dec 2000, [EMAIL PROTECTED] wrote: Now that is impressive. You knew and could detect iloveyou before all the other people in the world? I was awake that night as the reports started coming accross the wire. It was trivial to modify my filters and scan the mail boxes before people came in to work the next morning. It's been awhile since I've posted to this list, but I must point out that this "watch and wait" vigil-style virii detection isn't really all that useful when you're asleep and wake up the next morning to your staff executing a script that is wiping the hard drives of every machine on your network. Hec, wiping out even just one of my bosses computers is a nightmare... -- B r e t t R a n d a l l http://xbox.ipsware.com/ brett_ @ _ipsware.com
Re: AntiVirus!
Quoting John W. Lemons III ([EMAIL PROTECTED]): Now that is impressive. You knew and could detect iloveyou before all the other people in the world? I was awake that night as the reports started coming accross the wire. It was trivial to modify my filters and scan the mail boxes before people came in to work the next morning. And there I was, having developed a little faith in NT-luserdom. But no, John W. Lemons III had /not/ taken precautions. He did the same ad-hackery all NT-Sysops did that night. And he didn't even have a Securityfocus2sms gateway to help him in his relentless struggle against Redmon-induced IT-BSD. John, you just shot yourself in both feet with an elephant gun. Your little sob story /proved/ that virus scanners are snakeoil. What kind of psychic are you employing? Do you ever have anything useful to say? At least his systems are virus free, John... reply-to set.
Re: AntiVirus!
Thus spake John W. Lemons III ([EMAIL PROTECTED]): Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. Please quote where I indicated perfection. You said that you are happy that you have not become one of the places that spread virii. By the way, about the discussion about the net worth of virus scanners, please have a look a the email I just got (no, I am not making this up): From [EMAIL PROTECTED] Tue Dec 5 01:32:07 2000 Return-Path: Delivered-To: [EMAIL PROTECTED] Received: (qmail 28608 invoked from network); 5 Dec 2000 00:32:07 - Received: from scream.wlv.netzero.net (HELO mailfw.nzdom) (209.247.163.9) by fefe.de with SMTP; 5 Dec 2000 00:32:07 - Received: from ([255.255.255.255]) by mailfw.nzdom with MailMarshal (3,3,0,0) id D220d; Mon, 04 Dec 2000 16:37:26 -800 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Date: Mon, 04 Dec 2000 16:37:26 -800 Subject: Your e-mail message was blocked MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--=_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a" Content-Length: 723 =_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit NetZero Mail server has stopped the following e-mail for one of the following reasons: * It contains a disallowed subject line, text message, a chain or hoax letter. Message: B000ef930.0001.mml From:[EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: AntiVirus! If you believe the above e-mail to be business related please contact [EMAIL PROTECTED] to arrange for the message to be released to its intended recipients. The blocked e-mail will be automatically deleted after 7 days. =_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a-- What will happen when someone writes a Virus called "the"? Felix
RE: AntiVirus!
John, you just shot yourself in both feet with an elephant gun. Your little sob story /proved/ that virus scanners are snakeoil. I fail to see how that "shot me in the foot". One of the features of our virus scanning procedure is the ability to filter out suspect files. I think you are a bit over zealous.
RE: AntiVirus!
It's been awhile since I've posted to this list, but I must point out that this "watch and wait" vigil-style virii detection isn't really all that useful when you're asleep and wake up the next morning to your staff executing a script that is wiping the hard drives of every machine on your network. Hec, wiping out even just one of my bosses computers is a nightmare... Agreed, but I would have been remiss had I not augmented our filtering when news hit. Its certainly not the best filtering methodology on the market, but it did stop us from having any problems. Certainly better than doing nothing considering how many copies of that thing we filtered.
RE: AntiVirus!
yeah. my apologies to those of you on this thread that get that returned to you. that's another department's fun to decide (correctly and otherwise) what is spam and virus and whatnot and protect the uninformed amongst those of us who know what not to click on. sorry. -- Michael Boyiazis [EMAIL PROTECTED] Mail Architect, NetZero, Inc. -Original Message- From: Felix von Leitner [mailto:[EMAIL PROTECTED]] Sent: Monday, December 04, 2000 5:19 PM To: [EMAIL PROTECTED] Subject: Re: AntiVirus! Thus spake John W. Lemons III ([EMAIL PROTECTED]): Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. Please quote where I indicated perfection. You said that you are happy that you have not become one of the places that spread virii. By the way, about the discussion about the net worth of virus scanners, please have a look a the email I just got (no, I am not making this up): From [EMAIL PROTECTED] Tue Dec 5 01:32:07 2000 Return-Path: Delivered-To: [EMAIL PROTECTED] Received: (qmail 28608 invoked from network); 5 Dec 2000 00:32:07 - Received: from scream.wlv.netzero.net (HELO mailfw.nzdom) (209.247.163.9) by fefe.de with SMTP; 5 Dec 2000 00:32:07 - Received: from ([255.255.255.255]) by mailfw.nzdom with MailMarshal (3,3,0,0) id D220d; Mon, 04 Dec 2000 16:37:26 -800 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Date: Mon, 04 Dec 2000 16:37:26 -800 Subject: Your e-mail message was blocked MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--=_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a" Content-Length: 723 =_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit NetZero Mail server has stopped the following e-mail for one of the following reasons: * It contains a disallowed subject line, text message, a chain or hoax letter. Message: B000ef930.0001.mml From:[EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: AntiVirus! If you believe the above e-mail to be business related please contact [EMAIL PROTECTED] to arrange for the message to be released to its intended recipients. The blocked e-mail will be automatically deleted after 7 days. =_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a-- What will happen when someone writes a Virus called "the"? Felix
Re: AntiVirus!
At 12:46 AM 5/12/00 +0100, Felix von Leitner wrote: Thus spake John W. Lemons III ([EMAIL PROTECTED]): I disagree with the assertion that virus scanners are non-solutions. On the mail servers I run, I have installed some simple virus scanning software, and it has, up to now, filtered out lots of incoming virii and trojans, as well as a few outgoing virii (which alerted me as to who was infected, and allowed me to advise the IT folks so they could go clean it up). Its not a perfect solution, but its far better than nothing, and results in our location not becoming a source for that kind of garbage. Let me get this straight. Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. I don't see how you got "All" out of "filtered out lots of incoming virii and trojans", which clearly does not say it covers everything. Please stop generalizing. And the role of your IT department is to walk around and clean up virus infections. What kind of institution are you working in? snip! In Europe, Elementary Schools have more professional IT departments than that. IT Departments are there to solve user problems, and to solve company/institution problems. A virus can quite happily be both. I have seen a number of 'network/computer issues' (outside of the office I am in) that have been related to virii causing unpredictable behavior. Ignoring the problem only allows it to fester, and will only make the final cleanup (which will most definitely be the IT Departments problem) much longer, problematic, and far more costly. How much does your company/institution price it's data, and it's down-time? And what operating system your network clients run is not always your decision to make. Add to that the fact that the more complex the application and operating system, the more likely bugs are introduced, with the consequence that there will always be some sort of exploit for a hell of a lot of software, even on Unix/Posix based platforms. A good (fairly secure) operating system (which really means the kernel and a few select tools) doesn't mean that the applications will necessarily follow suit. One of my favourite sayings is: "Everyone has the computing platform he deserves." And for your statements here, you deserve all the Windows 2000 that you can carry. Unfortunately you don't always have the choice that you may want, simply due to the nature of your business, or due to lack of applications. Many people I know wish they had the luxury of having everyone using a non-windows platform for clients. I'm quite lucky that we are heading in that direction, but we will not be windowless for a while yet. A virus scanner isn't the whole solution. But it's a part of a solution that is definitely worth investigating. It may not necessarily be part of your solution, but your solution isn't necessarily good for anyone else either. Stuart Young - [EMAIL PROTECTED] (aka Cefiar) - [EMAIL PROTECTED] [All opinions expressed in the above message are my] [own and not necessarily the views of my employer..]
RE: AntiVirus!
I was speaking of the kinds of files we filter in and out. Sorry we are having such a hard time communicating. -Original Message- From: Felix von Leitner [mailto:[EMAIL PROTECTED]] Sent: Monday, December 04, 2000 7:19 PM To: [EMAIL PROTECTED] Subject: Re: AntiVirus! Thus spake John W. Lemons III ([EMAIL PROTECTED]): Based on the fact that your virus scanner detected a few outgoing virii, you assert not only that it has detected all of them. Please quote where I indicated perfection. You said that you are happy that you have not become one of the places that spread virii. By the way, about the discussion about the net worth of virus scanners, please have a look a the email I just got (no, I am not making this up): From [EMAIL PROTECTED] Tue Dec 5 01:32:07 2000 Return-Path: Delivered-To: [EMAIL PROTECTED] Received: (qmail 28608 invoked from network); 5 Dec 2000 00:32:07 - Received: from scream.wlv.netzero.net (HELO mailfw.nzdom) (209.247.163.9) by fefe.de with SMTP; 5 Dec 2000 00:32:07 - Received: from ([255.255.255.255]) by mailfw.nzdom with MailMarshal (3,3,0,0) id D220d; Mon, 04 Dec 2000 16:37:26 -800 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Date: Mon, 04 Dec 2000 16:37:26 -800 Subject: Your e-mail message was blocked MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--=_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a" Content-Length: 723 =_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit NetZero Mail server has stopped the following e-mail for one of the following reasons: * It contains a disallowed subject line, text message, a chain or hoax letter. Message: B000ef930.0001.mml From:[EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: AntiVirus! If you believe the above e-mail to be business related please contact [EMAIL PROTECTED] to arrange for the message to be released to its intended recipients. The blocked e-mail will be automatically deleted after 7 days. =_NextPart_5e5c99df-bbb5-11d4-b9fe-009027858a3a-- What will happen when someone writes a Virus called "the"? Felix
Re: AntiVirus!
On Mon, Dec 04, 2000 at 08:25:05PM +, Uwe Ohse wrote: On Mon, Dec 04, 2000 at 12:22:43PM -0600, John W. Lemons III wrote: Then ignore that minority group and don't prolong their agony by giving them access to non-solutions like virus scanners. I disagree with the assertion that virus scanners are non-solutions. me too. I do too, but only to a point. Automated virus scanners reduce but do not eliminate the risk of infection from viruses. However, virus scanners are NOT a solution. They are a band-aid to aleviate the symptoms of the problem. The problem is a lack of protection in the software (OS and application) itself. Proper protection models would be a solution. User education is also a problem. Everybody believes that you can simply use software with no training, even though every other significant endeavour they might do (driving, operating equipment, making sales calls for a company, etc.) requires a significant level of instruction. -- Bruce Guenter [EMAIL PROTECTED] http://em.ca/~bruceg/ PGP signature
RE: AntiVirus!
I do too, but only to a point. Automated virus scanners reduce but do not eliminate the risk of infection from viruses. However, virus scanners are NOT a solution. They are a band-aid to aleviate the symptoms of the problem. The problem is a lack of protection in the software (OS and application) itself. Proper protection models would be a solution. I agree, as I state in one of my previous posts, real OS security would resolve a large portion of this, and Windows just doesn't have it, nor do I expect it will in the foreseeable future. Until then, we have to apply whatever band aids keep us up and running. User education is also a problem. Everybody believes that you can simply use software with no training, even though every other significant endeavour they might do (driving, operating equipment, making sales calls for a company, etc.) requires a significant level of instruction. I understand that sentiment, and even agree to an extent, but the kind of time and money necessary for "proper" training is hard to come by (at least where I've worked). When you add to it an ignorant user base and new software being rolled out almost monthly, it becomes almost impossible to fully train some people. I've had some users that, in training sessions, picked up the concepts and information as fast as we could feed it to them, and others whose hands you had to hold though the whole process, and they still didn't really "get it". You can't just get rid of these people, as many of them were essential to the various departments for which the work, and most were exceptionally talented in their particular field. They just were not raised with computers. This will probably only get better though as the workforce transitions to the children and young adults who have grown up with them and technology progresses. So, we do the best with the people and resources we have. Virus scanners are just another tool to facilitate this.
OT: SNR on this list (was: RE: AntiVirus!)
[Sorry, John, for that immediate send -- I *wish* Eudora didn't map CTRL-E to that - Unix's "end of line" keystroke habit bites me in the backside again...] On or about 09:58 PM 12/4/00 -0600, John W. Lemons III was caught in a dark alley speaking these words: I do too, but only to a point. Automated virus scanners [snip] virus scanners are NOT a solution. [snip] real OS security [snip] Windows just doesn't have it [snip] time and money necessary for "proper" training new software being rolled out almost monthly I've tried to keep my fingers in check here, but even I have to say: What part of this thread has anything at all to do with qmail? Isn't there an alt.windows.sucks.WRT.virus.scanners.advocacy newsgroup you can take this to, if not at least private mail? Or, at the *very* least, can you for the sake of whatever deity you pray to at nite, put an "OT: " in front of the subject? One [very dedicated, intelligent] person has already been chased away by the poor behavior exhibited recently on this list... Must it continue? Regards. = Roger "Merch" Merchberger -- [EMAIL PROTECTED] SysAdmin - Iceberg Computers = Merch's Wild Wisdom of the Moment: = Sometimes you know, you just don't know sometimes, you know?
Re: AntiVirus!
Matt Brown ([EMAIL PROTECTED]) wrote: : Felix von Leitner [EMAIL PROTECTED] writes: : If running a virus scanner would be free (i.e. does not reduce security, : does not eat up CPU time on the email server, does not use memory, does : not cost time and money to maintain) then I would not be against it. : Nothing is free. All that is possible is that the cost is less than : the benefits. (Hi Felix) I would say the cost is higher than normally reckoned: you end up with dumber users, and that's pretty expensive. I've been thinking of a scheme in which attachments of certain "dangerous" types get mangled, such that the filenames or types are intentionally misdeclared. So the user ends up with a plain base64 text file, which is meaningless, but which he can trivially decode to the original. This places the burden of vigilance back on the user where it belongs, rather than breeding a generation of click-happy users. And if he does decode and run it, and it is a virus, you can point a very accusing finger instead of a palms-up shrug. -harold
AntiVirus!
Hi everybody... I have qmail vpopmail running on Linux machine and I was thinking on installing an antivirus on my mailserver, does anyone have any suggestions about this issue?! Thanks for your time V.
Re: AntiVirus!
Visar Emini wrote: Hi everybody... I have qmail vpopmail running on Linux machine and I was thinking on installing an antivirus on my mailserver, does anyone have any suggestions about this issue?! Thanks for your time V. Before you get flamed by everyone for asking a "obvious" question, here is a link that will help you in your search: http://www.qmail.org/top.html#microsoft -- Eric Garff MyComputer.com System Admin Our Tools. Your Site. Just remember, if the world didn't suck, we'd all fall off. --
Re: AntiVirus!
* Visar Emini [EMAIL PROTECTED] writes: I have qmail vpopmail running on Linux machine and I was thinking on installing an antivirus on my mailserver, does anyone have any suggestions about this issue?! http://qmail.org/ - how many seconds did you search the archives? -- Robin S. Socha http://socha.net/
Re: AntiVirus!
Thus spake Visar Emini ([EMAIL PROTECTED]): I have qmail vpopmail running on Linux machine and I was thinking on installing an antivirus on my mailserver, does anyone have any suggestions about this issue?! Forget it. Anti virii don't work. They also introduce new security problems. Felix
Re: AntiVirus!
Like Felix I'm skeptical about the value of general anti-virii programs running as gatekeepers on Linux servers. However, I have found AMaViS (A Mail Virus Scanner; http://amavis.org ) very useful for filtering out e-mail viruses, a very annoying and prominant subgroup of viruses. AMaVis works with qmail but requires a separate anti-virus scan engine to work in conjunction with it. It supports a number of such scan engines. For example, I use McAfee's VShield 4.x scan engine under a corporate license. My enterprise also uses PC-based and Novell-server based anti- virus software but these have the disadvantage of needing to be properly configured, and the weakest link in this kind of distributed defense would be the handful of PCs or servers that had a misconfiguration. With AMaViS at the pass, there's the ability to passively run e-mail virus filters as every single e-mail comes in. If you decide to use this or a similar approach, you need to make sure that a cron job runs to periodically update the ant-virus .dat files from your scan engine's website. Otherwise your database of antiviral signatures gets obsolete. //jrkeene Thus spake Visar Emini ([EMAIL PROTECTED]): I have qmail vpopmail running on Linux machine and I was thinking on installing an antivirus on my mailserver, does anyone have any suggestions about this issue?! Forget it. Anti virii don't work. They also introduce new security problems. Felix Jerry R. Keene Senior Systems Analyst SCS ENGINEERS---1970-2000! Thirty Year Anniversary Partners With EPA Through The Landfill Methane Outreach Program Phone: 703.471.6150 Fax: 703.471.6676 http://www.scsengineers.com
Re: AntiVirus!
Thus spake Jerry Keene ([EMAIL PROTECTED]): Like Felix I'm skeptical about the value of general anti-virii programs running as gatekeepers on Linux servers. Please email yourself an email with http://www.fefe.de/antivirus/42.zip as attachment. Either your antivirus is thorough and DoSses your server (which makes it worthless) or it is misses virii and is worthless because of that. If you decide to use this or a similar approach, you need to make sure that a cron job runs to periodically update the ant-virus .dat files from your scan engine's website. Otherwise your database of antiviral signatures gets obsolete. Signature based detection can never catch current virii. You are victim of used car salespeople selling you snake oil. Felix
RE: AntiVirus!
Like Felix I'm skeptical about the value of general anti-virii programs running as gatekeepers on Linux servers. Check out http://www.vmyths.com A lot of the most "deadly" attacks could have been stopped dead with simple processes that looked for methods and not specific "signatures". A simple example would be to look for extensions that indicate executable status in the Windows world and hold them for examination. You would have stopped "I Love You" and whatever the latest nonsense that started last night is, without having to wait for an updated "signature" file.
Re: AntiVirus!
On Fri, Dec 01, 2000 at 02:24:03PM -0500, Jerry Keene wrote: very useful for filtering out e-mail viruses Don't know if this is a urban legend or if it really exists, but a friend told me about a ZIP file called 42.ZIP (maybe because it is 42 KB in size) which - as I heard - is currently floating around. This is not a virus but a DoS attack against virus scanners. If you unzip this ZIP you will get another 10 ZIPs. Each of this again contains 10 ZIPs ... until you end up with 10**6 ZIP files. Each of these ZIP files contains a file that is about 40 MegByte uncompressed. I think it will take considerable time, disk space and CPU power to "check" this 42.ZIP ... Can anyone confirm that this indeed exists (or is an urban legend)? \Maex -- SpaceNet AG | http://www.Space.Net/ | Stress is when you wake Research Development| mailto:[EMAIL PROTECTED] | up screaming and you Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0| realize you haven't D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
RE: AntiVirus!
Don't know if this is a urban legend or if it really exists, but a friend told me about a ZIP file called 42.ZIP (maybe because it is 42 KB in size) which - as I heard - is currently floating around. This is not a virus but a DoS attack against virus scanners. If you unzip this ZIP you will get another 10 ZIPs. Each of this again contains 10 ZIPs ... until you end up with 10**6 ZIP files. Each of these ZIP files contains a file that is about 40 MegByte uncompressed. There was a known DOS attack against some of these filter programs by sending an empty .zip file. The filter would look inside the file, find nothing and hang. check www.vmyths.com for legends and myths.
Re: AntiVirus!
Felix von Leitner [EMAIL PROTECTED] writes: Signature based detection can never catch current virii. Either s/current/new/ or s/catch/reliably catch/ There can be no argument that a signature based virus scanner can catch SOME viruses. The question is how reliably. The two issues are: 1) Virus signatures MUST lag behind viruses. Therefore there is always a window in which the virus exists but not the signature. Signatures only help you if you're not an early victim. 2) The actual virus code may be hidden inside a wide number of packaging schemes; different mime encodings, compression formats, encryption formats, etc. It is impossible for a virus scanner to be able to read them all. Thus some known viruses can slip by because they're inside an unknown packaging scheme. Therefore, signature based scanners CANNOT be a 100% reliable method for preventing viruses. Felix, you seem to be of the opinion that anything less than 100% effectiveness is worthless? Or is it just that in your opinion signature based scanners are TOO FAR beneath that 100%? IMHO point (1) is more important than (2). Most of the time, viruses arrive in standard formats. Virus spread, however, is very fast nowadays -- it is increasingly common to get the virus before the signature, while in the past (given slow methods of propagation such as floppy disks) viruses spread much more slowly. And yes, the right solution to viruses is getting rid of the holes they exploit. There is no good reason why the functionality a Word macro virus exploits needs to exist. However, good luck getting Microsoft to fix their broken logic! -Matt -- | Matthew J. Brown - Senior Network Administrator - NBCi Shopping | | 1983 W. 190th St, Suite 100, Torrance CA 90504 | | Phone: (310) 538-7122| Work: [EMAIL PROTECTED] | | Cell: (714) 457-1854| Personal: [EMAIL PROTECTED] |
Re: AntiVirus!
Thus spake Matt Brown ([EMAIL PROTECTED]): Therefore, signature based scanners CANNOT be a 100% reliable method for preventing viruses. Plus, they are a security risk in themselves. And, they normally even cost money. Felix, you seem to be of the opinion that anything less than 100% effectiveness is worthless? Or is it just that in your opinion signature based scanners are TOO FAR beneath that 100%? If running a virus scanner would be free (i.e. does not reduce security, does not eat up CPU time on the email server, does not use memory, does not cost time and money to maintain) then I would not be against it. But virus scanners are a marketing vehicle for a whole industry that did nothing to prevent any virus I have ever seen anyone close to me me have. And yes, the right solution to viruses is getting rid of the holes they exploit. There is no good reason why the functionality a Word macro virus exploits needs to exist. However, good luck getting Microsoft to fix their broken logic! I don't care about Microsoft and what they fix or don't fix. I don't use their software and document formats. It's that easy. Really. Felix
Re: AntiVirus!
On Sat, Dec 02, 2000 at 01:47:53AM +0100, Felix von Leitner wrote: If running a virus scanner would be free (i.e. does not reduce security, does not eat up CPU time on the email server, does not use memory, does not cost time and money to maintain) then I would not be against it. Antivirus, not **antigravity**. ;^ -- Christopher F. Miller, Publisher [EMAIL PROTECTED] MaineStreet Communications, Inc 208 Portland Road, Gray, ME 04039 1.207.657.5078 http://www.maine.com/ Content management, electronic commerce, internet integration, Debian linux
Re: AntiVirus!
Felix von Leitner [EMAIL PROTECTED] writes: If running a virus scanner would be free (i.e. does not reduce security, does not eat up CPU time on the email server, does not use memory, does not cost time and money to maintain) then I would not be against it. Nothing is free. All that is possible is that the cost is less than the benefits. But virus scanners are a marketing vehicle for a whole industry that did nothing to prevent any virus I have ever seen anyone close to me me have. I used to work for an antivirus company (no longer; figured there was no future in it, and didn't want to paint myself into a corner). Obviously given that experience I have found virus scanners to prevent some viruses, quite a bit in fact. This was in the days when the PC boot sector virus was the major type, though (for once, not a type of virus MS can be blamed for, really -- MSDOS never pretended to be more than a glorified progam loader anyway). Whether the cure is worse than the disease; ah, there's the issue. And a LOT of characters in the AV world are less than savory. There is no truth in the concept that the AV vendors themselves write the viruses, though! There are PLENTY of losers out there to do it for free. I don't care about Microsoft and what they fix or don't fix. I don't use their software and document formats. It's that easy. Really. Personally, neither do I. However, many of us work in organisations that do use them, and we can't change that. -Matt -- | Matthew J. Brown - Senior Network Administrator - NBCi Shopping | | 1983 W. 190th St, Suite 100, Torrance CA 90504 | | Phone: (310) 538-7122| Work: [EMAIL PROTECTED] | | Cell: (714) 457-1854| Personal: [EMAIL PROTECTED] |
Re: AntiVirus!
2) The actual virus code may be hidden inside a wide number of packaging schemes; different mime encodings, compression formats, encryption formats, etc. It is impossible for a virus scanner to be able to read them all. Thus some known viruses can slip by because they're inside an unknown packaging scheme. Therefore, signature based scanners CANNOT be a 100% reliable method for preventing viruses. Depends on what you want to put in place. Simple rule: no attachments get to a MUA, they are removed and put into a secure file area. If they can be scanned and found to have no potential to carry code then they are sanity checked and may be picked up by their owner. If they can or do carry code then they must be inspected by hand and then a signature checking virus scanner. Sanity checks would include resonable headers and characters that are printable. The down side of this is you get many false hits. The good side is that while the signature based systems are waiting for updates you have a pile of .vbs or .exe files waiting to be looked at. Solutions include both commercial and roll your own. No solution is 100% but prescribing a solution that is only signature based is not enough. Having to shut down email to a 3,000 user organization due to the latest "love bug" attack will not win you friends. Of course getting it right got me (and the rest of the team) a nice polo shirt from Symantec.
Re: qmail-scanner + which antivirus ?
"Olivier M." [EMAIL PROTECTED] writes: Unfortunately avp is not free, the license-fee for a (linux) mail-server is about 100$/year. this would be acceptable. Are the updates automatic, or do they have to be done manualy ? (wget something, for example). How should the updates be done automatic? I use a cron-job starting wget each night and restart AvpDaemon after successful download. I would not use win-like programs where I don't have the source and which would do something automatic... Or do you mean the license-file itself? Don't have experience with that cause the license-files of the servers I administrate run until Sep 2001. And then I will contact AVP and buy some new licenses. HTH, Martin
Re: qmail-scanner + which antivirus ?
Thanks Martin for your answer. On Mon, Sep 25, 2000 at 10:47:33AM +0200, Martin Lesser wrote: Your problems seem to result of a perhaps misconfigured AvpLinux or AvpDaemon. If you use the trial-version of avp you may run into problems due to the "semi"-automatic tests done by avp. Unfortunately avp is not free, the license-fee for a (linux) mail-server is about 100$/year. this would be acceptable. Are the updates automatic, or do they have to be done manualy ? (wget something, for example). Regards, Olivier -- _ Olivier Mueller - [EMAIL PROTECTED] - PGPkeyID: 0E84D2EA - Switzerland qmail projects: http://omail.omnis.ch - http://webmail.omnis.ch PGP signature
Re: qmail-scanner + which antivirus ?
Rainer Link [EMAIL PROTECTED] writes: I use AvpDaemon and it works very well after a little patch of sub-avp.pl Martin, you should send it to Jason :) Done - some weeks ago :-) The patch concerned the behaviour of AvpDaemon, not AvpLinux. Your problems seem to result of a perhaps misconfigured AvpLinux or AvpDaemon. If you use the trial-version of avp you may run into problems due to the "semi"-automatic tests done by avp. Well, Martin, some more details on this issue could be useful? (what are "semi"-automatic tests) If you start scanning a file|directory without a valid registration-key-file you are prompted "Cancel scan process" and have to type "No" to continue. If you have a valid key-file the scan is done without this question. Martin
Re: qmail-scanner + which antivirus ?
"Olivier M." [EMAIL PROTECTED] writes: Just tried to use it with AVP and sweep : both returns a X-Qmail-Scanner-0.90: corrupt scanner/resource problems - exit status 256 in the logfile... If you are using qmail-scanner, could you please tell me which program is working well, and if is free ? Thanks in advance, I use AvpDaemon and it works very well after a little patch of sub-avp.pl Your problems seem to result of a perhaps misconfigured AvpLinux or AvpDaemon. If you use the trial-version of avp you may run into problems due to the "semi"-automatic tests done by avp. Unfortunately avp is not free, the license-fee for a (linux) mail-server is about 100$/year. Martin
Re: qmail-scanner + which antivirus ?
Martin Lesser wrote: Just tried to use it with AVP and sweep : both returns a X-Qmail-Scanner-0.90: corrupt scanner/resource problems - exit status 256 in the logfile... If you are using qmail-scanner, could you please tell me which program is working well, and if is free ? Thanks in advance, Well, several ppl reported problems with AVP/Linux and AvpDaemon to the AMaViS-user mailinglist. We discovered problems when /lib/libnss_compat.so.1 is missing (it comes with nssv1.rpm on SuSE Linux, which should be installed to execute glibc 2.0 programs in glibc 2.1 environments). And I was in contact with the developer regarding this problem. I use AvpDaemon and it works very well after a little patch of sub-avp.pl Martin, you should send it to Jason :) Your problems seem to result of a perhaps misconfigured AvpLinux or AvpDaemon. If you use the trial-version of avp you may run into problems due to the "semi"-automatic tests done by avp. Well, Martin, some more details on this issue could be useful? (what are "semi"-automatic tests) Jason, if you need more information, please feel free to contact me :-) cheers, Rainer -- Rainer Link | Member of Virus Help Munich (www.vhm.haitec.de) [EMAIL PROTECTED] | Developer of A Mail Virus Scanner (amavis.org) [EMAIL PROTECTED] | Founder of Linux AntiVirus Project (lavp.sourceforge.net)
qmail-scanner + which antivirus ?
Hello, I'm currently trying to install qmail-scanner (antivirus) on a server: basic installation seems to work well. Now I need a virus scanner : on the homepage http://qmail-scanner.sourceforge.net/ the following are listed: * Trend's Virus scanner * Sophos's "sweep" virus scanner * H+BEDV's antivir scanner * AVP AVPLinux scanner * MacAfee's (NAI's) virus scanner * F-Secure Anti-Virus scanner Just tried to use it with AVP and sweep : both returns a X-Qmail-Scanner-0.90: corrupt scanner/resource problems - exit status 256 in the logfile... If you are using qmail-scanner, could you please tell me which program is working well, and if is free ? Thanks in advance, Olivier -- _ Olivier Mueller - [EMAIL PROTECTED] - PGPkeyID: 0E84D2EA - Switzerland PGP signature
AVP AntiVirus
Hello averyone: Has anyone uses AVP antivirus? if yes, could you help me to install this software? regards Luis Bezerra
Re: AVP AntiVirus
Luis Bezerra wrote: Hello! Has anyone uses AVP antivirus? I'm using AVP/Linux, yes if yes, could you help me to install this software? What's your problem? Why don't you ask the support guys from KasperskyLabs? best regards, Rainer Link -- Rainer Link | Member of Virus Help Munich (www.vhm.haitec.de) [EMAIL PROTECTED] | Member of AMaViS Development Team (dev.amavis.org) rainer.w3.to | Maintainer FAQ "antivirus for Linux" (av-linux.w3.to)
Re: AVP AntiVirus
Luis Bezerra [EMAIL PROTECTED] writes: Has anyone uses AVP antivirus? Yep - it scans eMail on several qmail-servers I installed by using http://www.amavis.org with the patch by Rainer Link. if yes, could you help me to install this software? What's your problem? What doesn't work? Martin
Re: AntiVirus packages.
On Thu, Apr 27, 2000 at 01:24:14PM -0400, Steve Peace wrote: Does anybody know of a good antivirus package I can put on my RedHat 6.1, Qmail 1.03 server that may possibly be able to scan incoming messages for viruses? If not I guess I will have to trust my users to not download and execute any questionable attachments and actually trust them to scan there own PCs for viruses every so often. Kaspersky Labs has a qmail antivirus package in beta right now, expecting to start testing on with it really soon now. The URL for kaspersky labs is http://www.kaspersky.ru -- Roy-Magne Mo
Re: AntiVirus packages.
Anton Pirnat wrote: There are different ways to do so.. have a look at http://satan.oih.rwth-aachen.de/AMaViS/amavis.html Please use either AMaViS-0.2.0-pre6-clm-rl-8 or AMaViS-Perl-5, which can be found at http://www.unixzone.com/virus/ HTH best regards, Rainer Link (Member of AMaViS Development Team) -- Rainer Link | Student of Computer Networking [EMAIL PROTECTED] | University of Applied Sciences, Furtwangen, Germany rainer.w3.to | http://www.computer-networking.de/
AntiVirus packages.
Does anybody know of a good antivirus package I can put on my RedHat 6.1, Qmail 1.03 server that may possibly be able to scan incoming messages for viruses? If not I guess I will have to trust my users to not download and execute any questionable attachments and actually trust them to scan there own PCs for viruses every so often. Thanks, Steve Peace Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Re: AntiVirus packages.
There are different ways to do so.. have a look at http://satan.oih.rwth-aachen.de/AMaViS/amavis.html hth Anton Pirnat Ursprüngliche Nachricht Am 27.04.00, 14:24:14, schrieb "Steve Peace" [EMAIL PROTECTED] zum Thema AntiVirus packages.: Does anybody know of a good antivirus package I can put on my RedHat 6.1, Qmail 1.03 server that may possibly be able to scan incoming messages for viruses? If not I guess I will have to trust my users to not download and execute any questionable attachments and actually trust them to scan there own PCs for viruses every so often. Thanks, Steve Peace Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Re: AntiVirus packages.
our site use scan4virus by jason haar. You can give a try at http://www.geocities.com/jhaar/scan4virus/ On 27 Apr 00, at 13:24, Steve Peace hit the keyboard : Does anybody know of a good antivirus package I can put on my RedHat 6.1, Qmail 1.03 server that may possibly be able to scan incoming messages for viruses? If not I guess I will have to trust my users to not download and execute any questionable attachments and actually trust them to scan there own PCs for viruses every so often. Thanks, Steve Peace Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com Ismal Hisham Mohd Darus Asst. Manager, System Support John Hancock Life Insurance (Malaysia) Berhad