On Fri, 27 Feb 2004, Bob George wrote: > I assume the single pass requirement is for performance reasons?
A combination of performance and simplicity of installation/maintenance (for the distinct possibility that the next sysadmin will be volunteer). We're running a community-network ISP here..... :-) > >>Is bitdefender freeware? Didn't look like it when I visited the site... > "Free for personal use" -- at least free enough to be included in Debian. Which rules out CommunityNets..... (sigh) > I put anomy in BECAUSE my users (family mostly) lack those skills. I > have it set to scan, then allow through if it passes the scan, or > quarantine and direct users to ask for help if not. Before I installed SpamAssassin, I had a simple blacklist filter with a quarantine system and I would have users calling up and complaining that their disk quota was full but their 'inbox' empty. Even though the docs practically SCREAMED that they had to clear out the spam box, far too many users just 'clicked the button' and expected the spam to magically disappear. So I finally gave in and gave them the option to just delete spam based on the SA score. with a default to just tag spam, they can easily check for FP's before they start deleting. Their choice.... And we really can't be suggesting that hundreds of users phone us for help, especially when a good number think 'help' means they call us to cdo things *for them* again and again..... (sigh) > It can just as easily drop infected messages. I can see this depending > largely on the userbase though. Got it in one. As a community base we service a market segment that has more difficulty with computers than average.... :-) > Still, I'd lean towards scanning SOMEWHERE, regardless of how. Uh-huh. That's why I want to get CLAMAV running. I figure they'll either straighten out the 'mbox' option soon, or I'll follow the 'mailscanner' trick of splitting postfix, though that will mean extra file I/O..... :-( > Here's a thought: Allow users to "scan for viruses" or not. I might offer them anomy sanitizing as an option. But basic virus scanning has to be on for everyone. It's in everyone's best interest.... > If not, just don't call it. If using sanitizer, different procmail rules > could call it specifying different configs for content (defang html), > virus scanning, etc. depending on the options checked by the user > (assuming you've got a web checklist somewhere). Yeah, we're headed in that direction. But let's get basic AV running first..... :-) - Charles
