free antivirus scanner ?

2012-01-03 Thread Frank Bonnet
Hello I'm searching for a friend (who has very few money) an open source antivirus scanner for email server that works with Postfix. Any infos/links/advices welcome Thanks and happy new year.

Re: free antivirus scanner ?

2012-01-03 Thread Mason Loring Bliss
On Tue, Jan 03, 2012 at 04:26:57PM +0100, Frank Bonnet wrote: > I'm searching for a friend (who has very few money) an open source > antivirus scanner for email server that works with Postfix. You probably want this: http://www.clamav.net/lang/en/ -- Mason Loring Bliss ma...@bl

Re: free antivirus scanner ?

2012-01-03 Thread Duken Marga
You can also try amavis http://www.amavis.org/ and combine it with clamav. On Tue, Jan 3, 2012 at 10:31 PM, Mason Loring Bliss wrote: > On Tue, Jan 03, 2012 at 04:26:57PM +0100, Frank Bonnet wrote: > > > I'm searching for a friend (who has very few money) an open source > > antivirus scanner for

Re: free antivirus scanner ?

2012-01-03 Thread /dev/rob0
On Tuesday 03 January 2012 09:26:57 Frank Bonnet wrote: > I'm searching for a friend (who has very few money) an open source > antivirus scanner for email server that works with Postfix. > > Any infos/links/advices welcome One link, Google, would have easily found clamav. Info/advice: with post

Re: free antivirus scanner ?

2012-01-03 Thread Charles Marcus
On 2012-01-03 12:09 PM, /dev/rob0 wrote: Info/advice: with postscreen(8), sane HELO restrictions, and good DNSBLs, clamav is not going to get much use. Clamav, with the sane-security sigs, most certainly does block a lot of phishing scams that would not otherwise be blocked. And most of post

Re: free antivirus scanner ?

2012-01-03 Thread Stan Hoeppner
On 1/3/2012 11:09 AM, /dev/rob0 wrote: > On Tuesday 03 January 2012 09:26:57 Frank Bonnet wrote: >> I'm searching for a friend (who has very few money) an open source >> antivirus scanner for email server that works with Postfix. >> >> Any infos/links/advices welcome > > One link, Google, would h

Re: free antivirus scanner ?

2012-01-03 Thread /dev/rob0
On Tuesday 03 January 2012 11:28:09 Charles Marcus wrote: > On 2012-01-03 12:09 PM, /dev/rob0 wrote: > > Info/advice: with postscreen(8), sane HELO restrictions, and good > > DNSBLs, clamav is not going to get much use. > > Clamav, with the sane-security sigs, most certainly does block a > lot of

Re: free antivirus scanner ?

2012-01-03 Thread Reindl Harald
Am 03.01.2012 18:30, schrieb Stan Hoeppner: > To add to this sentiment, haven't most/all the viri/malware pushers > switched from an email delivery vector to drive-by downloads? I can't > recall the last time I saw a viral email attachment. our barracuda saw 2929 in the last year compared wi

Re: free antivirus scanner ?

2012-01-03 Thread Ralf Hildebrandt
* /dev/rob0 : > On Tuesday 03 January 2012 09:26:57 Frank Bonnet wrote: > > I'm searching for a friend (who has very few money) an open source > > antivirus scanner for email server that works with Postfix. > > > > Any infos/links/advices welcome > > One link, Google, would have easily found cla

Re: free antivirus scanner ?

2012-01-03 Thread Charles Marcus
On 2012-01-03 1:18 PM, Ralf Hildebrandt wrote: Also blocking "unwanted" attachments and double extensions (with mime_header_checks or amavis) leaves only little stuff for clamav to eat. Care to share your header_checks for blocking 'double extensions' (if you're doing it with header checks)?

Re: free antivirus scanner ?

2012-01-03 Thread Reindl Harald
Am 03.01.2012 19:42, schrieb Charles Marcus: > On 2012-01-03 1:18 PM, Ralf Hildebrandt wrote: >> Also blocking "unwanted" attachments and double extensions (with >> mime_header_checks or amavis) leaves only little stuff for clamav to >> eat. > > Care to share your header_checks for blocking 'do

Re: free antivirus scanner ?

2012-01-03 Thread Ralf Hildebrandt
* Charles Marcus : > On 2012-01-03 1:18 PM, Ralf Hildebrandt wrote: > >Also blocking "unwanted" attachments and double extensions (with > >mime_header_checks or amavis) leaves only little stuff for clamav to > >eat. > > Care to share your header_checks for blocking 'double extensions' (if > you'r

Re: free antivirus scanner ?

2012-01-03 Thread Ralf Hildebrandt
* Ralf Hildebrandt : > * Charles Marcus : > > On 2012-01-03 1:18 PM, Ralf Hildebrandt wrote: > > >Also blocking "unwanted" attachments and double extensions (with > > >mime_header_checks or amavis) leaves only little stuff for clamav to > > >eat. > > > > Care to share your header_checks for block

Re: free antivirus scanner ?

2012-01-03 Thread Stan Hoeppner
On 1/3/2012 12:00 PM, Reindl Harald wrote: > > > Am 03.01.2012 18:30, schrieb Stan Hoeppner: > >> To add to this sentiment, haven't most/all the viri/malware pushers >> switched from an email delivery vector to drive-by downloads? I can't >> recall the last time I saw a viral email attachment.

Re: free antivirus scanner ?

2012-01-03 Thread Reindl Harald
Am 03.01.2012 21:21, schrieb Stan Hoeppner: > On 1/3/2012 12:00 PM, Reindl Harald wrote: >> >> >> Am 03.01.2012 18:30, schrieb Stan Hoeppner: >> >>> To add to this sentiment, haven't most/all the viri/malware pushers >>> switched from an email delivery vector to drive-by downloads? I can't >>> r

Re: free antivirus scanner ?

2012-01-03 Thread Frank Bonnet
OK thanks to you guys, I have enough information Le 03/01/2012 16:26, Frank Bonnet a écrit : Hello I'm searching for a friend (who has very few money) an open source antivirus scanner for email server that works with Postfix. Any infos/links/advices welcome Thanks and happy new year.

RE: free antivirus scanner ?

2012-01-04 Thread Gary Smith
> Am 03.01.2012 18:30, schrieb Stan Hoeppner: > > > To add to this sentiment, haven't most/all the viri/malware pushers > > switched from an email delivery vector to drive-by downloads? I can't > > recall the last time I saw a viral email attachment. > > our barracuda saw 2929 in the last year >

Fwd: free antivirus scanner ?

2012-01-04 Thread francis picabia
On Wed, Jan 4, 2012 at 12:36 PM, Gary Smith wrote: >> Am 03.01.2012 18:30, schrieb Stan Hoeppner: >> >> > To add to this sentiment, haven't most/all the viri/malware pushers >> > switched from an email delivery vector to drive-by downloads?  I can't >> > recall the last time I saw a viral email at

Re: free antivirus scanner ?

2012-01-04 Thread Benny Pedersen
On Tue, 03 Jan 2012 16:26:57 +0100, Frank Bonnet wrote: I'm searching for a friend (who has very few money) an open source antivirus scanner for email server that works with Postfix. ClamAV hooks nicely into postfix with clammilter and smtp via clamsmtp

Re: free antivirus scanner ?

2012-01-04 Thread Miles Fidelman
Benny Pedersen wrote: On Tue, 03 Jan 2012 16:26:57 +0100, Frank Bonnet wrote: I'm searching for a friend (who has very few money) an open source antivirus scanner for email server that works with Postfix. ClamAV hooks nicely into postfix with clammilter and smtp via clamsmtp also wires in n

Re: free antivirus scanner ?

2012-01-04 Thread Benny Pedersen
On Wed, 04 Jan 2012 17:31:55 -0500, Miles Fidelman wrote: Benny Pedersen wrote: On Tue, 03 Jan 2012 16:26:57 +0100, Frank Bonnet wrote: I'm searching for a friend (who has very few money) an open source antivirus scanner for email server that works with Postfix. ClamAV hooks nicely into post

Re: Fwd: free antivirus scanner ?

2012-01-05 Thread francis picabia
On Wed, Jan 4, 2012 at 4:28 PM, Phill Macey wrote: > > On 05/01/2012 6:16 AM, "francis picabia" wrote: >> >> Connect: 11661 >> ... >> Reject total:   18525 > > Huh? You have more rejects than you had connects in the first place (every > rejected client must first connect before it can be rejected

Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread email builder
>> I'm searching for a friend (who has very few money) an open source >> antivirus scanner for email server that works with Postfix. >> >> Any infos/links/advices  welcome > > One link, Google, would have easily found clamav. > > Info/advice: with postscreen(8), sane HELO restrictions, and

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread Charles Marcus
On 2012-01-11 10:12 AM, email builder wrote: > So who is using Stan's list? What do people have to say about > it? What should I consider in regard to possibly implementing it? I am using it (for a while now)... This isn't really like a DNSBL, it simply rejects hosts that are 'spammy', meani

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread Noel Jones
On 1/11/2012 9:12 AM, email builder wrote: > > >>> I'm searching for a friend (who has very few money) an open source >>> antivirus scanner for email server that works with Postfix. >>> >>> Any infos/links/advices welcome >> >> One link, Google, would have easily found clamav. >> >> Info/advi

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread Mark Alan
On Wed, 11 Jan 2012 10:19:36 -0600, Noel Jones wrote: > I would classify it as low risk of false positives, and fairly safe. > (but not 100% safe; few rules are. YMMV and such.) I've had a > couple of FP's from idiots that run their business mail servers on a > cablemodem with a dynamic rDNS na

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread /dev/rob0
On Wednesday 11 January 2012 12:52:42 Mark Alan wrote: > It would also be interesting to be able to use a similar mechanism > earlier, from the postscreen_access_list (after permit_mynetworks > but before going outside to fetch the postscreen_dnsbl_* stuff): > > postscreen_access_list = permit_myne

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread Benny Pedersen
On Wed, 11 Jan 2012 07:12:15 -0800 (PST), email builder wrote: So who is using Stan's list? its blowing in the wind  What do people have to say about it? good What should I consider in regard to possibly implementing it? ask for paypal account to pay Stan

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread email builder
>>> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list >> >> I've been curious about Stan's list of pcres. It looks massive, >> and Stan >> seems to be a regular expert contributor here. But I'm reluctant to >> start using a text file from a web site with nothing on it and only a

Re: Stan's List [was: free antivirus scanner ?]

2012-01-11 Thread Stan Hoeppner
On 1/11/2012 3:56 PM, email builder wrote: http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list > Noel, thank you for the thorough response. Thanks also to > all the other responders. I'm definitely convinced. :) > > And of course, thanks to Stan! Of all days for me to be away f

Re: Stan's List [was: free antivirus scanner ?]

2012-01-12 Thread Noel Jones
On 1/12/2012 1:11 AM, Stan Hoeppner wrote: > On 1/11/2012 3:56 PM, email builder wrote: > http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list > >> Noel, thank you for the thorough response. Thanks also to >> all the other responders. I'm definitely convinced. :) >> >> And of cours

Re: Stan's List [was: free antivirus scanner ?]

2012-01-13 Thread DTNX/NGMX Postmaster
On 11 jan. 2012, at 16:12, email builder wrote: >> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list > > So who is using Stan's list? What do people have to say about > it? What should I consider in regard to possibly implementing it? We use a modified version as a HELO blacklist. T

Re: Stan's List [was: free antivirus scanner ?]

2012-01-13 Thread Charles Marcus
On 2012-01-13 4:48 AM, DTNX/NGMX Postmaster wrote: We use a modified version as a HELO blacklist. This avoids the false positives we saw while testing it as a reverse DNS restriction but, because the use of the reverse hostname as the HELO string is a common pattern in spam attempts from comprom

Re: Stan's List [was: free antivirus scanner ?]

2012-01-13 Thread Stan Hoeppner
On 1/13/2012 3:48 AM, DTNX/NGMX Postmaster wrote: > On 11 jan. 2012, at 16:12, email builder wrote: > >>> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list >> >> So who is using Stan's list? What do people have to say about >> it? What should I consider in regard to possibly implement

Re: Stan's List [was: free antivirus scanner ?]

2012-01-13 Thread email builder
>> We use a modified version as a HELO blacklist. This avoids the false >> positives we saw while testing it as a reverse DNS restriction but, >> because the use of the reverse hostname as the HELO string is a >> common pattern in spam attempts from compromised hosts, it's still >> very effec

Re: Stan's List [was: free antivirus scanner ?]

2012-01-13 Thread Stan Hoeppner
On 1/13/2012 2:13 PM, email builder wrote: >>> We use a modified version as a HELO blacklist. This avoids the false >> Interesting... can you provide specific details on what you mean by >> 'modified version'? > > I second that. I'm feeling convinced enough to use it as it was > intended, BUT

Re: Stan's List [was: free antivirus scanner ?]

2012-01-14 Thread DTNX/NGMX Postmaster
On 13 jan. 2012, at 21:13, email builder wrote: >>> We use a modified version as a HELO blacklist. This avoids the false >>> positives we saw while testing it as a reverse DNS restriction but, >>> because the use of the reverse hostname as the HELO string is a >>> common pattern in spam attempts f

Re: Stan's List [was: free antivirus scanner ?]

2012-01-14 Thread Charles Marcus
On 2012-01-13 6:05 PM, Stan Hoeppner wrote: On 1/13/2012 2:13 PM, email builder wrote: We use a modified version as a HELO blacklist. This avoids the false Interesting... can you provide specific details on what you mean by 'modified version'? I second that. I'm feeling convinced enoug

Re: Stan's List [was: free antivirus scanner ?]

2012-01-14 Thread Noel Jones
On 1/14/2012 6:40 AM, Charles Marcus wrote: > I was more interested in what specific changes he made in order to > use it as a HELO blacklist, and how and why it avoided false > positives when it is used the way we have been using it > To use it as a HELO blacklist, you simply call it with chec

Re: Stan's List [was: free antivirus scanner ?]

2012-01-14 Thread Stan Hoeppner
On 1/14/2012 6:40 AM, Charles Marcus wrote: > I was more interested in what specific changes he made in order to use > it as a HELO blacklist, and how and why it avoided false positives when > it is used the way we have been using it It wouldn't really require any changes. You could use it with

Re: Stan's List [was: free antivirus scanner ?]

2012-01-15 Thread Charles Marcus
On 2012-01-14 5:39 PM, Stan Hoeppner wrote: On 1/14/2012 6:40 AM, Charles Marcus wrote: I was more interested in what specific changes he made in order to use it as a HELO blacklist, and how and why it avoided false positives when it is used the way we have been using it It wouldn't really r