Henrik K wrote:
On Wed, Mar 12, 2008 at 11:16:32AM -0400, Randy Ramsdell wrote:
Henrik K wrote:
On Wed, Mar 12, 2008 at 10:23:14AM -0400, Randy Ramsdell wrote:
You can use spamassassin and clamav with or without Amavis, but to
check the message, you must make a system wide change that will
affect every message. Bypassing file size limits with any of those
setups might not be an ideal solution. After a brief read on
Sanesecurity signatures, it appears that the size limits will still
come into the equation and again, a system wide setting change is
required.
What are you talking about? I have no limits on size for ClamAV scans.
I am talking about message/attachment size limits or was that a
rhetorical question? You can set the size limit which I believe is
"StreamMaxLength." From the docs, this should be set to the mail server
size limit so maybe it isn't a factor. The addon for clamav does seem to
be interesting given this.
Ofcourse it's not a factor. StreamMaxLength is only applied when the clamd
daemon is on a separate server. And even more, the default is 10MB which is
more than enough for what we are talking about. I really doubt spammers
would be sending _that_ big files.
I agreed that size does not matter. :) But I was mostly responding to
your statement "I have no limits on size for ClamAV scans," but there
are message size limits that can be set. So you do have limits.
Just get the Sanesecurity signatures and be done with it, it will help a lot
in any case. Maybe it has signatures for these "big" spams too. Also if you
are using amavisd-new, you should set virus_name_to_spam_score_maps
accordingly.
Just get "Sanesecurity signatures" even though it has nothing to do with
the large file attachments directly? I actually looked into this
technology because of the thread, but it doesn't help in my case.