[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Jason J. Ellingson
Hmm...

I really like the clamd option of clamav-win32.  Seems really well suited
for use on a mail server.

ClamWin is definitely suited for average home use (nice interface,
cool/simple install program, and plugs into Outlook).

So I'll look at clamscan.exe first (they both share that) and then at
clamdscan.exe for using the clamd.exe service.

For the non-technical, both of these products use a virtual Linux system
(CygWin) to run a Linux program (clamav).  These are not native Win32
programs.  But that shouldn't stop you from using them.  You just need to be
aware of some things such as increased resource requirements (after all, you
are mapping unix op calls to win32 op calls).

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Tony Wu
ClamAV for Windows
http://www.sosdg.org/clamav-win32/
This one only provides a command-line tool.  Probably a bit faster.

ClamWin does provide a GUI, and I feel it is more suitable for the desktop.


On Fri, 19 Nov 2004 13:13:04 -0600, Jason J. Ellingson
<[EMAIL PROTECTED]> wrote:
> ClamAV for Windows...
> http://www.clamwin.net/
> 
> 
> 
> Jason J Ellingson
> Technical Consultant
> 
> 615.301.1682 : nashville
> 612.605.1132 : minneapolis
> 
> www.ellingson.com
> [EMAIL PROTECTED]
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Tim McGarvey
> Sent: Friday, November 19, 2004 10:59 AM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: F-Prot vs NAI vs Sophos
> 
> It's been a while since I looked, but there's a windows port for Clamav now?
> Last time I installed it I had to install Cygwin, locate a missing
> dependency file in the cygwin install of one of the math packages to get md5
> checks working, and manually build the executable from source.  After
> getting it working, I figured it wasn't really worth the hassle.  Has
> someone come out with a good windows port?
> 
> Thanks,
> Tim
> 


-- 
My Blog - http://tony1986.blogspot.com/



[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Jason J. Ellingson
ClamAV for Windows...
http://www.clamwin.net/ 

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Tim McGarvey
Sent: Friday, November 19, 2004 10:59 AM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: F-Prot vs NAI vs Sophos

It's been a while since I looked, but there's a windows port for Clamav now?
Last time I installed it I had to install Cygwin, locate a missing
dependency file in the cygwin install of one of the math packages to get md5
checks working, and manually build the executable from source.  After
getting it working, I figured it wasn't really worth the hassle.  Has
someone come out with a good windows port?

Thanks,
Tim




[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Jason J. Ellingson
SpamAssassin with all tests enabled is the winner hands down.  There are no
others that compare.

Most who say SA can be beat by product xxx did not try SA with everything
enabled... they only had the offline tests enabled, or worse, messed with
the defaults thinking they were smarter than the development team.

Outside of that, I've seen best results from CloudMark's products.  They're
the folks behind the Razor2 database.  It works quite well.

If you are looking for just Bayes based systems... take a peek at
SourceForge.net.  I know of two other bayes anti-spam systems on there.  But
they all suffer from Bayes poisoning tactics (fill an email up with
non-spammy words to get past).  SA doesn't suffer from this as Bayes is just
one facet of its system.

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Manny Fulgencio
Sent: Friday, November 19, 2004 11:50 AM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: F-Prot vs NAI vs Sophos

Jason,
Thanks a lot for this info. How about for anti-spam. What commercial package
would you recommend other than Spamassassin?
Regards,
Manny




[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Manny Fulgencio
Jason,
Thanks a lot for this info. How about for anti-spam. What commercial package 
would you recommend other than Spamassassin?
Regards,
Manny


-Original Message-
From: Jason J. Ellingson 
To: [EMAIL PROTECTED]
Subject: [xmail] F-Prot vs NAI vs Sophos
Received: Friday, November 19, 2004 10:22:14 PM

For those using my XMail AV filter for Win32, I thought I'd give you an
update on AV testing...

I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and
after several thousands of emails we have a definite winner...

F-Prot is by far the fastest. It scans emails in 200-300ms. It hasn't
missed a single virus (I update the virus sigs hourly) and uses the least
amount of computer resources.

NAI's McAfee is quite a bit slower. It scans emails in 800-1000ms. It
hasn't missed a single virus either (I update the virus sigs hourly). It
also catches a lot of the fraud emails (bank phishing scams). It is a heavy
resource user.

Sophos is about the same speed as McAfee. It scans emails in 800-900ms. It
has missed two viruses (double zipped files -- the other two av's caught).
And it is a medium resource user.

In summary, they all work fine, but if you haven't put your money in one
yet, I'd use F-Prot.

As for claims that some viruses aren't caught by F-Prot, it appears that it
doesn't try to get specific too much about the virus names... so it may
catch Bagle.AT and call it Bagle.AQ as the code difference wasn't enough for
them to bother... I don't know why, as their other products will bother
telling you it is a slightly different virus.

I'm sure that it is possible for F-Prot/McAfee to miss one and Sophos to
catch it... I'm sure I don't get every virus in the wild... but these are
what my logs show and thought it might help some of you smaller users who
don't get enough emails to test.

XMail-AV will be released again (V1.3) this weekend with logging as a new
feature.
XMail-SpamC will be released (V1.0) this weekend and will support both just
"tagging" and if you use XMail-WAI, will move the email into the user's
"spambox" based on score.

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]




[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Tim McGarvey
It's been a while since I looked, but there's a windows port for Clamav now?
Last time I installed it I had to install Cygwin, locate a missing
dependency file in the cygwin install of one of the math packages to get md5
checks working, and manually build the executable from source.  After
getting it working, I figured it wasn't really worth the hassle.  Has
someone come out with a good windows port?

Thanks,
Tim


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Ing. Rosario Pingaro
Sent: Friday, November 19, 2004 9:32 AM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: F-Prot vs NAI vs Sophos

May you add the Clamav support?
They have a good port for windows that works great and it is FREE.

Thanks

Rosario


- Original Message - 
From: "Jason J. Ellingson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 19, 2004 9:20 AM
Subject: [xmail] F-Prot vs NAI vs Sophos


> For those using my XMail AV filter for Win32, I thought I'd give you an
> update on AV testing...
>
> I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and
> after several thousands of emails we have a definite winner...
>
> F-Prot is by far the fastest.  It scans emails in 200-300ms.  It hasn't
> missed a single virus (I update the virus sigs hourly) and uses the least
> amount of computer resources.
>
> NAI's McAfee is quite a bit slower.  It scans emails in 800-1000ms.  It
> hasn't missed a single virus either (I update the virus sigs hourly).  It
> also catches a lot of the fraud emails (bank phishing scams).  It is a 
> heavy
> resource user.
>
> Sophos is about the same speed as McAfee.  It scans emails in 800-900ms. 
> It
> has missed two viruses (double zipped files -- the other two av's caught).
> And it is a medium resource user.
>
> In summary, they all work fine, but if you haven't put your money in one
> yet, I'd use F-Prot.
>
> As for claims that some viruses aren't caught by F-Prot, it appears that 
> it
> doesn't try to get specific too much about the virus names... so it may
> catch Bagle.AT and call it Bagle.AQ as the code difference wasn't enough 
> for
> them to bother... I don't know why, as their other products will bother
> telling you it is a slightly different virus.
>
> I'm sure that it is possible for F-Prot/McAfee to miss one and Sophos to
> catch it... I'm sure I don't get every virus in the wild... but these are
> what my logs show and thought it might help some of you smaller users 
> who
> don't get enough emails to test.
>
> XMail-AV will be released again (V1.3) this weekend with logging as a new
> feature.
> XMail-SpamC will be released (V1.0) this weekend and will support both 
> just
> "tagging" and if you use XMail-WAI, will move the email into the user's
> "spambox" based on score.
> 
> Jason J Ellingson
> Technical Consultant
>
> 615.301.1682 : nashville
> 612.605.1132 : minneapolis
>
> www.ellingson.com
> [EMAIL PROTECTED]
>



[xmail] Re: Stunnel need help please

2004-11-19 Thread Yann LE ROCH - Agence CHROM
Hello again,
I found some information in the XMail documentation:
http://www.xmailserver.com/Readme.html#pop3_commands
I'd need to close the standard POP3 port to the rest of the world by binding it
to 127.0.0.1,
and use the -PI parameter for that.
BUT I have 2 questions (before I make a mistake)
:-(
- How do I do that? On the command line, I presume?
- And can I use ports 110 and 25 + 995 and 8025 on the same XMail
server???

I hope you will understand my bad English.
Thanks for your help
Yann

-Original Message-
From: Yann LE ROCH - Agence CHROM [mailto:[EMAIL PROTECTED]
Sent: Friday, 19 November 2004 16:31
To: [EMAIL PROTECTED]
Subject: Stunnel need help please


Hello,
I followed the instructions in this post
http://xmailforum.homelinux.net/index.php?showtopic=601 to install Stunnel.
I created my stunnel.pem with OpenSSL without error, but when I try to
connect Outlook on port 995, I get an error: 0800ccc0e
and I don't understand why. In the Stunnel log I have an IP 0.0.0.0 ???
See my Stunnel log below:

2004.11.19 16:13:28 LOG5[1340:1536]: stunnel 4.05 on x86-pc-mingw32-gnu
WIN32 with OpenSSL 0.9.7e 25 Oct 2004
2004.11.19 16:13:28 LOG7[1340:1092]: RAND_status claims sufficient entropy
for the PRNG
2004.11.19 16:13:28 LOG6[1340:1092]: PRNG seeded successfully
2004.11.19 16:13:28 LOG7[1340:1092]: Configuration SSL options: 0x0800
2004.11.19 16:13:28 LOG7[1340:1092]: SSL options set: 0x0800
2004.11.19 16:13:28 LOG7[1340:1092]: Certificate: stunnel.pem
2004.11.19 16:13:28 LOG7[1340:1092]: Key file: stunnel.pem
2004.11.19 16:13:28 LOG5[1340:1092]: WIN32 platform: 3 clients allowed
2004.11.19 16:13:28 LOG7[1340:1092]: FD 148 in non-blocking mode
2004.11.19 16:13:28 LOG7[1340:1092]: SO_REUSEADDR option set on accept
socket
2004.11.19 16:13:28 LOG7[1340:1092]: POP3 bound to 0.0.0.0:995
2004.11.19 16:13:28 LOG7[1340:1092]: FD 160 in non-blocking mode
2004.11.19 16:13:28 LOG7[1340:1092]: SO_REUSEADDR option set on accept
socket
2004.11.19 16:13:28 LOG7[1340:1092]: SMTP bound to 0.0.0.0:8025

Can you help me?
thanks
Yann





[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Tracy
At 09:53 11/19/2004, Jason J. Ellingson wrote:
>I think that would work great for an end-point mail server.  You could never
>do that if you were hosting emails for others.  I have users on
>###-###.dsl.net addresses that have email accounts on my servers.  They
>wouldn't be able to send emails.

They only wouldn't be able to send emails if they did not authenticate. 
It's very easy to put a check for authentication into the filter, and skip 
the RDNS checks if they are authenticated... 




[xmail] Stunnel need help please

2004-11-19 Thread Yann LE ROCH - Agence CHROM
Hello,
I followed the instructions in this post
http://xmailforum.homelinux.net/index.php?showtopic=601 to install Stunnel.
I created my stunnel.pem with OpenSSL without error, but when I try to
connect Outlook on port 995, I get an error: 0800ccc0e
and I don't understand why. In the Stunnel log I have an IP 0.0.0.0 ???
See my Stunnel log below:

2004.11.19 16:13:28 LOG5[1340:1536]: stunnel 4.05 on x86-pc-mingw32-gnu
WIN32 with OpenSSL 0.9.7e 25 Oct 2004
2004.11.19 16:13:28 LOG7[1340:1092]: RAND_status claims sufficient entropy
for the PRNG
2004.11.19 16:13:28 LOG6[1340:1092]: PRNG seeded successfully
2004.11.19 16:13:28 LOG7[1340:1092]: Configuration SSL options: 0x0800
2004.11.19 16:13:28 LOG7[1340:1092]: SSL options set: 0x0800
2004.11.19 16:13:28 LOG7[1340:1092]: Certificate: stunnel.pem
2004.11.19 16:13:28 LOG7[1340:1092]: Key file: stunnel.pem
2004.11.19 16:13:28 LOG5[1340:1092]: WIN32 platform: 3 clients allowed
2004.11.19 16:13:28 LOG7[1340:1092]: FD 148 in non-blocking mode
2004.11.19 16:13:28 LOG7[1340:1092]: SO_REUSEADDR option set on accept
socket
2004.11.19 16:13:28 LOG7[1340:1092]: POP3 bound to 0.0.0.0:995
2004.11.19 16:13:28 LOG7[1340:1092]: FD 160 in non-blocking mode
2004.11.19 16:13:28 LOG7[1340:1092]: SO_REUSEADDR option set on accept
socket
2004.11.19 16:13:28 LOG7[1340:1092]: SMTP bound to 0.0.0.0:8025

Can you help me?
thanks
Yann





[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Jason J. Ellingson
Okay, ClamAV and AVG are added to the "to do" list.  I'll even see about
getting them in over the weekend (after releasing V1.3).

I will assume we are looking at the AVG free personal use version?

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of K. Wolf
Sent: Friday, November 19, 2004 8:36 AM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: F-Prot vs NAI vs Sophos

Or AVG for that matter. ;-)
Wolfy

At 01:31 AM 20/11/2004, you wrote:

>May you add the Clamav support?
>They have a good port for windows that works great and it is FREE.
>
>Thanks
>
>Rosario




[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Jason J. Ellingson
I think that would work great for an end-point mail server.  You could never
do that if you were hosting emails for others.  I have users on
###-###.dsl.net addresses that have email accounts on my servers.  They
wouldn't be able to send emails.

Again... good idea for personal email server, but not for ISPs.

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Tracy
Sent: Friday, November 19, 2004 8:32 AM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: F-Prot vs NAI vs Sophos

I currently use F-Prot as my "backup" virus scanner. It's probably caught, 
oh, somewhere around 10 virus emails this month (all that made it through 
my primary scanner).

My primary scanner, however, is very efficient at catching viruses - it 
also catches quite a few spams and phishing emails... It's a little program 
I wrote that plugs in as a pre-data filter and tests the RDNS for a number 
of known patterns. For example:

*dsl*.*.com
*dsl*.*.net
*dsl*.*.*.??    // catches a lot of stuff out of .JP and .BR
*#.###.###.#*   // where "#" represents a digit between 0 and 9, inclusive
*#.##.###.#*    // and other variations to catch IP addresses in RDNS names
*dhcp*.*.com
*dhcp*.*.net
*dhcp*.*.*.??

And so on. Checks for patterns containing things like DSL, DHCP, CABLE, 
MODEM, DIAL, etc, as well as raw IP addresses (separated by periods or
dashes).

Eliminates a truly large number of viruses (before putting it in place, my 
virus scanner was catching probably 50 - 100 viruses per day (and missing 
who knows how many), now it's doing good to catch 10 per week).

Something to think about, if you're in a position to implement it...




[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread K. Wolf
Or AVG for that matter. ;-)
Wolfy

At 01:31 AM 20/11/2004, you wrote:

>May you add the Clamav support?
>They have a good port for windows that works great and it is FREE.
>
>Thanks
>
>Rosario
>
>
>- Original Message -
>From: "Jason J. Ellingson" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Friday, November 19, 2004 9:20 AM
>Subject: [xmail] F-Prot vs NAI vs Sophos
>
>
> > For those using my XMail AV filter for Win32, I thought I'd give you an
> > update on AV testing...
> >
> > I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and
> > after several thousands of emails we have a definite winner...
> >
> > F-Prot is by far the fastest.  It scans emails in 200-300ms.  It hasn't
> > missed a single virus (I update the virus sigs hourly) and uses the least
> > amount of computer resources.
> >
> > NAI's McAfee is quite a bit slower.  It scans emails in 800-1000ms.  It
> > hasn't missed a single virus either (I update the virus sigs hourly).  It
> > also catches a lot of the fraud emails (bank phishing scams).  It is a
> > heavy
> > resource user.
> >
> > Sophos is about the same speed as McAfee.  It scans emails in 800-900ms.
> > It
> > has missed two viruses (double zipped files -- the other two av's caught).
> > And it is a medium resource user.
> >
> > In summary, they all work fine, but if you haven't put your money in one
> > yet, I'd use F-Prot.
> >
> > As for claims that some viruses aren't caught by F-Prot, it appears that
> > it
> > doesn't try to get specific too much about the virus names... so it may
> > catch Bagle.AT and call it Bagle.AQ as the code difference wasn't enough
> > for
> > them to bother... I don't know why, as their other products will bother
> > telling you it is a slightly different virus.
> >
> > I'm sure that it is possible for F-Prot/McAfee to miss one and Sophos to
> > catch it... I'm sure I don't get every virus in the wild... but these are
> > what my logs show and thought it might help some of you smaller users
> > who
> > don't get enough emails to test.
> >
> > XMail-AV will be released again (V1.3) this weekend with logging as a new
> > feature.
> > XMail-SpamC will be released (V1.0) this weekend and will support both
> > just
> > "tagging" and if you use XMail-WAI, will move the email into the user's
> > "spambox" based on score.
> > 
> > Jason J Ellingson
> > Technical Consultant
> >
> > 615.301.1682 : nashville
> > 612.605.1132 : minneapolis
> >
> > www.ellingson.com
> > [EMAIL PROTECTED]
> >



[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Tracy
At 09:20 11/19/2004, Jason J. Ellingson wrote:
>For those using my XMail AV filter for Win32, I thought I'd give you an
>update on AV testing...
>
>I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and
>after several thousands of emails we have a definite winner...
>
>F-Prot is by far the fastest.  It scans emails in 200-300ms.  It hasn't
>missed a single virus (I update the virus sigs hourly) and uses the least
>amount of computer resources.

I currently use F-Prot as my "backup" virus scanner. It's probably caught, 
oh, somewhere around 10 virus emails this month (all that made it through 
my primary scanner).

My primary scanner, however, is very efficient at catching viruses - it 
also catches quite a few spams and phishing emails... It's a little program 
I wrote that plugs in as a pre-data filter and tests the RDNS for a number 
of known patterns. For example:

*dsl*.*.com
*dsl*.*.net
*dsl*.*.*.??    // catches a lot of stuff out of .JP and .BR
*#.###.###.#*   // where "#" represents a digit between 0 and 9, inclusive
*#.##.###.#*    // and other variations to catch IP addresses in RDNS names
*dhcp*.*.com
*dhcp*.*.net
*dhcp*.*.*.??

And so on. Checks for patterns containing things like DSL, DHCP, CABLE, 
MODEM, DIAL, etc, as well as raw IP addresses (separated by periods or dashes).

Eliminates a truly large number of viruses (before putting it in place, my 
virus scanner was catching probably 50 - 100 viruses per day (and missing 
who knows how many), now it's doing good to catch 10 per week).

Something to think about, if you're in a position to implement it...
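
The pre-data RDNS check described in this post, together with the authenticated-sender exemption Tracy suggests elsewhere in the thread, sketched in Python as an added example; it is not Tracy's program or part of XMail. The pattern list is the one quoted in the post; the function names, the wildcard-to-regex translation and the sample host names are assumptions made for the illustration.

```python
import re

# Patterns exactly as listed in the post. "#" is one digit 0-9, as the post
# states. Assumed here: "*" is any run of characters (dots included) and
# "?" is any single character.
RDNS_PATTERNS = [
    "*dsl*.*.com",
    "*dsl*.*.net",
    "*dsl*.*.*.??",
    "*#.###.###.#*",
    "*#.##.###.#*",
    "*dhcp*.*.com",
    "*dhcp*.*.net",
    "*dhcp*.*.*.??",
]

MAX_DNS_NAME = 253  # longest legal DNS name; longer input is not a hostname


def wildcard_to_regex(pattern):
    """Translate one wildcard pattern into a compiled, case-insensitive regex."""
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        elif ch == "#":
            parts.append(r"\d")
        else:
            parts.append(re.escape(ch))  # literal, so "." stays a real dot
    return re.compile("".join(parts), re.IGNORECASE)


COMPILED = [(p, wildcard_to_regex(p)) for p in RDNS_PATTERNS]


def match_rdns(hostname):
    """Return the first pattern the reverse-DNS name matches, or None."""
    if not hostname or len(hostname) > MAX_DNS_NAME:
        return None
    name = hostname.strip().rstrip(".")  # drop a trailing root dot
    for pattern, rx in COMPILED:
        if rx.fullmatch(name):
            return pattern
    return None


def pre_data_decision(rdns_name, authenticated):
    """Decide before DATA: authenticated sessions skip the RDNS test."""
    if authenticated:
        return ("accept", None)
    hit = match_rdns(rdns_name)
    if hit:
        return ("reject", hit)
    return ("accept", None)


if __name__ == "__main__":
    # Constructed sample sessions: (reverse-DNS name, authenticated?)
    samples = [
        ("adsl-12-34.pool.example.net", False),     # dynamic DSL pool
        ("adsl-12-34.pool.example.net", True),      # same host, hosted user
        ("pool-10.123.200.45.example.net", False),  # IP embedded in the name
        ("dhcp-77.cust.isp.example.br", False),     # two-letter TLD
        ("mail.example.org", False),                # ordinary mail host
        # A real mail server whose name merely contains "dsl" is also
        # flagged: the false-positive cost of substring patterns.
        ("smtp.dslprovider.example.com", False),
    ]
    for name, auth in samples:
        action, pattern = pre_data_decision(name, auth)
        print(f"{name:34} auth={auth!s:5} -> {action:6} {pattern or ''}")
```

Logging the matched pattern with each rejection makes it possible to see which pattern is responsible when a legitimate sender is turned away.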




[xmail] Re: F-Prot vs NAI vs Sophos

2004-11-19 Thread Ing. Rosario Pingaro
May you add the Clamav support?
They have a good port for windows that works great and it is FREE.

Thanks

Rosario


- Original Message - 
From: "Jason J. Ellingson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 19, 2004 9:20 AM
Subject: [xmail] F-Prot vs NAI vs Sophos


> For those using my XMail AV filter for Win32, I thought I'd give you an
> update on AV testing...
>
> I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and
> after several thousands of emails we have a definite winner...
>
> F-Prot is by far the fastest.  It scans emails in 200-300ms.  It hasn't
> missed a single virus (I update the virus sigs hourly) and uses the least
> amount of computer resources.
>
> NAI's McAfee is quite a bit slower.  It scans emails in 800-1000ms.  It
> hasn't missed a single virus either (I update the virus sigs hourly).  It
> also catches a lot of the fraud emails (bank phishing scams).  It is a 
> heavy
> resource user.
>
> Sophos is about the same speed as McAfee.  It scans emails in 800-900ms. 
> It
> has missed two viruses (double zipped files -- the other two av's caught).
> And it is a medium resource user.
>
> In summary, they all work fine, but if you haven't put your money in one
> yet, I'd use F-Prot.
>
> As for claims that some viruses aren't caught by F-Prot, it appears that 
> it
> doesn't try to get specific too much about the virus names... so it may
> catch Bagle.AT and call it Bagle.AQ as the code difference wasn't enough 
> for
> them to bother... I don't know why, as their other products will bother
> telling you it is a slightly different virus.
>
> I'm sure that it is possible for F-Prot/McAfee to miss one and Sophos to
> catch it... I'm sure I don't get every virus in the wild... but these are
> what my logs show and thought it might help some of you smaller users 
> who
> don't get enough emails to test.
>
> XMail-AV will be released again (V1.3) this weekend with logging as a new
> feature.
> XMail-SpamC will be released (V1.0) this weekend and will support both 
> just
> "tagging" and if you use XMail-WAI, will move the email into the user's
> "spambox" based on score.
> 
> Jason J Ellingson
> Technical Consultant
>
> 615.301.1682 : nashville
> 612.605.1132 : minneapolis
>
> www.ellingson.com
> [EMAIL PROTECTED]
>



[xmail] F-Prot vs NAI vs Sophos

2004-11-19 Thread Jason J. Ellingson
For those using my XMail AV filter for Win32, I thought I'd give you an
update on AV testing...

I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and
after several thousands of emails we have a definite winner...

F-Prot is by far the fastest.  It scans emails in 200-300ms.  It hasn't
missed a single virus (I update the virus sigs hourly) and uses the least
amount of computer resources.

NAI's McAfee is quite a bit slower.  It scans emails in 800-1000ms.  It
hasn't missed a single virus either (I update the virus sigs hourly).  It
also catches a lot of the fraud emails (bank phishing scams).  It is a heavy
resource user.

Sophos is about the same speed as McAfee.  It scans emails in 800-900ms.  It
has missed two viruses (double zipped files -- the other two av's caught).
And it is a medium resource user.

In summary, they all work fine, but if you haven't put your money in one
yet, I'd use F-Prot.

As for claims that some viruses aren't caught by F-Prot, it appears that it
doesn't try to get specific too much about the virus names... so it may
catch Bagle.AT and call it Bagle.AQ as the code difference wasn't enough for
them to bother... I don't know why, as their other products will bother
telling you it is a slightly different virus.

I'm sure that it is possible for F-Prot/McAfee to miss one and Sophos to
catch it... I'm sure I don't get every virus in the wild... but these are
what my logs show and thought it might help some of you smaller users who
don't get enough emails to test.

XMail-AV will be released again (V1.3) this weekend with logging as a new
feature.
XMail-SpamC will be released (V1.0) this weekend and will support both just
"tagging" and if you use XMail-WAI, will move the email into the user's
"spambox" based on score.

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]




[xmail] Re: SMTP External Authentication

2004-11-19 Thread Dustin C. Hatch
I have one quick question, and then I think I have got it.  When is the 
useredit called from $XMAIL_ROOT/userauth/pop3/domain.tab?  What I am 
planning is to write a script that takes the place of the passwd program 
that calls CtrlClnt to change the password in xmail, which calls said 
file and also changes the system password.  What I need to know is what 
invokes the useredit command in that file.  Will CtrlClnt -s server -u 
user -p password userpass domain username password call it?  If so, I 
think I have figured out this whole external auth thing!
Thanks for all your help,
Dustin C. Hatch

Dustin C. Hatch wrote:

>I guess I never thought of that.  That would work great.  The only 
>problem is getting the password to two places.  I would have to look 
>into the crypt() function, which would mean I need to brush up on my C 
>:D  Thanks Davide. 
>Dustin C. Hatch
>
>Davide Libenzi wrote:
>
>  
>
>>On Wed, 17 Nov 2004, Dustin C. Hatch wrote:
>>
>> 
>>
>>
>>
>>>I looked further into the docs on SMTP authentication, and they were no 
>>>help.  All I got out of that was external as in another mail server.  My 
>>>question still remains: why does external POP3 authentication not take 
>>>place when sending emails?  It works just fine otherwise, downloading 
>>>messages from the server, but when I try to send a message, then I have 
>>>to use the password in the mailusers.tab file, which defeats the purpose 
>>>of having external authentication in the first place. What am I doing wrong?
>>>   
>>>
>>>  
>>>
>>In general, even if XMail supports some form of external auth, it is easier 
>>and more efficient to have the main account repository trigger a small 
>>script using the CTRL interface to change the XMail password. This prevents 
>>XMail from running external commands during each session.
>>
>>
>>- Davide
>>