Very Computer

This toolkit will turn your Linux email host into
a gatekeeper preventing any possible email-borne
virus from reaching your users. Even viruses that
have not yet been written.

http://www.sni.net/~smeyer/virusFilterLinux.htm

Sent via Deja.com http://www.deja.com/
Before you buy.

Quote:>This toolkit will turn your Linux email host into
>a gatekeeper preventing any possible email-borne
>virus from reaching your users. Even viruses that
>have not yet been written.

>http://www.sni.net/~smeyer/virusFilterLinux.htm

Sounds great. I'm rather skeptical though.

--
North Shore Technologies, Cleveland, OH  http://NorthShoreTechnologies.net
Steve Sobol, BOFH - President, Chief Website Architect and Janitor
Spammers and Net-abusers: Don't bother asking me for service. See
http://NorthShoreTechnologies.net/go/policy/ for more information.

AmaVIS looks like a good free alternative, have you checked it out?

ObNanae - who ended up with my Viking helmet at the bar last month?  I
forgot it in a bag on the floor when I left...

--------------------------------------------------------

Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.

I adminit the is incidental, but a GPL'd alternative appeals to me more.

Quote:> I don't remember the url for AmaVIS - help??

www.amavis.org

--
--------------------------------------------------------

Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.

From 'Dave Lugo':

Quote:>AmaVIS looks like a good free alternative, have you checked it out?

It's not a question of whether it's free or not, especially since the
asking price for the scanner advertised here is only $50. I'm just
skeptical. :>

I don't remember the url for AmaVIS - help??

Quote:>ObNanae - who ended up with my Viking helmet at the bar last month?  I
>forgot it in a bag on the floor when I left...

Andrew Barrett. Yer off topic now, son. This is comp.mail.sendmail ;)

--
North Shore Technologies, Cleveland, OH  http://NorthShoreTechnologies.net
Steve Sobol, BOFH - President, Chief Website Architect and Janitor
Spammers and Net-abusers: Don't bother asking me for service. See
http://NorthShoreTechnologies.net/go/policy/ for more information.

Yes AmaVIS is an "free" alternative.  However both
AmaVIS and my solution rely upon external virus
scanning engines--if you want a good engine you
need to pay for it (and subscribe to updates).

I probably would have used AmaVIS myself had I known
about it in early May--I love GPL too.  But I have
since looked at AmaVIS and I don't think it would
have saved me much implementation time.  Plus, it
would have way uglier, slower and complicated.
My solution simply and elegantly integrates a
commercial virus scanning product (the best in
the world) into procmail.

Also, AmaVIS offers no technical support.

Anyway: If you are trying to hack together something
for your home network definately use AmaVIS instead.
If need to defend your organization from the current
threat, you need to be running ASAP, and your time
is valuable you will be happy you paid me to get you there.

Thanks for the comments,
    Scott

Sent via Deja.com http://www.deja.com/
Before you buy.

this make me wonder how does a virus for Linux/unix works? can anyone
tell me roughly how it corrupt files, bring down the system,delete other
users files(/home) and other unwanted things to happen, etc. As
attachments? something like those in windoze world?

--

   .~.   Live free or die !
   /V\
  // \\  ---------------------------------------------------

  ^`~'^  ---------------------------------------------------

Funny you should.  I got a OpenSource E-mail virus the other day.  I deleted it, and I wish I
hadn't.

It was text (because UNIX is open source, right?).  It said something like:

        This is a UNIX E-mail virus.  Please delete a few critical files, and then forward this message to
everybody you know.  Thank you.

But seriously, folks, it is hard to write a virus for UNIX.  Suppose somebody did... they would have
to send the source code.  Once files started disappearing, it would be easy to check the source
code.  People would send out a warning via the usenet.  It would easy to track down the source of
the code and that would be that.

Jeff

--
Jeff Silverman, PC guy, Linux wannabe, Java wannabe, Software engineer, husband, father etc.
See my website: http://www.commercialventvac.com/~jeffs

From '?NdRew yEonG':

Quote:>this make me wonder how does a virus for Linux/unix works?

Amavis scans for DOS/Windows viruses and is designed to be used on
a server where files are served that may be used by DOS/Windows users.

I'm assuming Scott's product does the same thing.

--
North Shore Technologies, Cleveland, OH  http://NorthShoreTechnologies.net
Steve Sobol, BOFH - President, Chief Website Architect and Janitor
Spammers and Net-abusers: Don't bother asking me for service. See
http://NorthShoreTechnologies.net/go/policy/ for more information.

That is only true for commercial use, mind you.

Quote:> I probably would have used AmaVIS myself had I known about it in
> early May--I love GPL too.  But I have since looked at AmaVIS and I
> don't think it would have saved me much implementation time.  Plus,
> it would have way uglier, slower and complicated.  

I find AMaViS neither ugly, nor slow and certainly not complicated.
Integration into Linux, Free- and OpenBSD took me 5 minutes each.

Quote:> My solution simply and elegantly integrates a commercial virus
> scanning product (the best in the world) into procmail.

So there we go... Apart from the fact that I have not seen any "best
virus scanning product" over the past 10 years, I don't see what the
advantage of plonking a virus scanner into procmail would be over
ummm... plonking several virus scanners into procmail like AMaViS
does.

Quote:> Anyway: If you are trying to hack together something for your home
> network definately use AmaVIS instead.  

ACK.

Quote:> If need to defend your organization from the current threat, you
> need to

... know what you're doing anyway and not rely on a single person
somewhere on this planet who *claims* to have the best tool on earth.

Quote:> be running ASAP, and your time is valuable you will be happy you
> paid me to get you there.

Sorry, scottopotomus, but you're not sounding overly convincing.
Your tips on getting pregnant were a much funner read.

Quote:> > ...However both AmaVIS and my
> > solution rely upon external virus scanning engines--if you want a
> > good engine you need to pay for it (and subscribe to updates).
> That is only true for commercial use, mind you.

I must disagree.  The best signatures can only come from a room
full of guys who are being paid 24x7 to defend the world against
the newest dangers.

Quote:

> > I probably would have used AmaVIS myself had I known about it in
> > early May--I love GPL too.  But I have since looked at AmaVIS and I
> > don't think it would have saved me much implementation time.  Plus,
> > it would have way uglier, slower and complicated.

> I find AMaViS neither ugly, nor slow and certainly not complicated.
> Integration into Linux, Free- and OpenBSD took me 5 minutes each.

You are right.  You speak from your actual experience.  I speak having
only looked at docs and faqs.  Amavis sounds like a mess to me, but if
it only took you 5 minutes to implement either you are an exceptionally
competent integrator, or my impressions are incorrect.

Quote:

> > My solution simply and elegantly integrates a commercial virus
> > scanning product (the best in the world) into procmail.

> So there we go... Apart from the fact that I have not seen any "best
> virus scanning product" over the past 10 years, I don't see what the

Perhaps there is no best, but there is a best selling.
In this case believe they happen to be the same.

Quote:> advantage of plonking a virus scanner into procmail would be over
> ummm... plonking several virus scanners into procmail like AMaViS
> does.

Speed, efficiency, simplicity.

Quote:

> > Anyway: If you are trying to hack together something for your home
> > network definately use AmaVIS instead.

> ACK.

> > If need to defend your organization from the current threat, you
> > need to

> ... know what you're doing anyway and not rely on a single person
> somewhere on this planet who *claims* to have the best tool on earth.

For every 1 those "know what you're doing" there are 20? 100? who should
be using at least some email filtering tool to protect their
organizations but are not because of complexity, lack of direction,
motivation or resources.

Quote:

> > be running ASAP, and your time is valuable you will be happy you
> > paid me to get you there.

> Sorry, scottopotomus, but you're not sounding overly convincing.

Alright, for you Robin, I officially change my pitch:
  If you are the administrator for an organization's mail host,
  you should strongly consider protecting your users from dangerous
  email by installing a virus/macro/script filter on your mail host.
  www.AmaVIS.org offers an free integration product that will enable
  you to connect just about any unix-based (pc)virus scanner to a
  unix-based email system.  You should try AmaVIS.
  I offer a very simple commercially supported alternative that works
  well on Linux email hosts, If have difficulty implementing
  and trusting AmaVIS with the virus scanner of your choice
  then perhaps you should try my guaranteed solution.
  http://www.sni.net/~smeyer/virusFilterLinux.htm
Better?

Quote:> Your tips on getting pregnant were a much funner read.

You laugh at infertility or ovarian disease?  We didn't think
7 years of infertility were funny.  Many of the hundreds of
messages we get each month through our infertility support site
are written through tears.  Although we also get a few joyful
birth anouncements.

Sent via Deja.com http://www.deja.com/
Before you buy.

 The joys of Free Software ... please note that there
 are actually three implementations of amavis out there.
 And yes, they will merge :)

 Canonical: http://amavis.org/
 The release version is 0.2.0-pre6, and I don't recommend to use it.
 It is quite inefficient and has lots of subtle "features".

 Updated: http://dev.amavis.org/
 Current version 0.2.0-pre6-clm-rl-8, a vastly improved
 version by Chris Mason and Rainer Link.
 This will become amavis 0.2.1 stable.

 Experimental: http://dev.amavis.org/
 A rewrite of amavis in perl, current version amavis-perl-6.
 Written by Chris Mason. This will be amavis 0.3.

Quote:> My solution simply and elegantly integrates a
> commercial virus scanning product (the best in
> the world) into procmail.

 So, your solution works only on mailbox delivery.
 Or can it be used on a relay as well, checking
 both inbound and outbound?

Quote:> Also, AmaVIS offers no technical support.

 Steps are being taken to rectify this situation. We now have
 two projects at SourceForge:

 amavis: http://sourceforge.net/project/?group_id=6006
 (I just see that I have been upgraded to project admin status :)
  probably because THEY want ME to do the things I suggested :-(

 pre-6 is in the cvs now, and the other versions will follow as
 soon as I can set up a mailing list for commits.

 The Linux Antivirus Project: https://sourceforge.net/project/?group_id=6040
 The naming is a bit unfortunate because the project is by no means limited
 to Linux. There's not much more than two mailing lists right now.

Quote:> Anyway: If you are trying to hack together something
> for your home network definately use AmaVIS instead.
> If need to defend your organization from the current
> threat, you need to be running ASAP, and your time
> is valuable you will be happy you paid me to get you there.

Will any of the newer versions allow for the filtering of specific attachment
types - like obviously .vbs?

Thanks

Quote:> > My solution simply and elegantly integrates a
> > commercial virus scanning product (the best in
> > the world) into procmail.

>  So, your solution works only on mailbox delivery.
>  Or can it be used on a relay as well, checking
>  both inbound and outbound?

Correct, only inbound email is processed.
My design goal was strictly to protect the
machines and users in my organization.
Thanks,
    Scott

Sent via Deja.com http://www.deja.com/
Before you buy.

Quote:> Will any of the newer versions allow for the filtering of specific
attachment
> types - like obviously .vbs?

> Thanks

Ken,
I don't know about AmaVIS. I can only speak for my alternate
(commercial) solution.  But this was my first design priority,
even before I plugged in a virus checker--to have every possible
code-carrying file type (by extension) reroute to administrator.
(exception for macro-less Word.doc and Excel.xl_)
Thanks,
    Scott

Sent via Deja.com http://www.deja.com/
Before you buy.