[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vps-mail] ANNOUNCE: clamav anti-virus for VPS v2

Subject: [vps-mail] ANNOUNCE: clamav anti-virus for VPS v2
From: Scott Wiersdorf <scottw@xxxxxxxxxxxx>
Date: Fri, 15 Aug 2003 13:48:00 -0600

This is the official beta announcement of ClamAV anti-virus for VPS
v2 mail scanner. The ClamAV anti-virus package is in BETA right now
(I just pushed out a bug fix a few moments ago) and I would greatly
appreciate your participation.

If you are not running a VPS v2 currently, you may ignore this thread.

The vinstall for ClamAV ('vinstall clamav') works like this:

- installs clamav and dependencies
- sets up a twice-daily cron to update your virus signatures
- prompts you for to scan incoming mail and what you want to do with
  the mail (e.g., trash it to /dev/null, or quarantine it, etc.)
- sets up two procmail rules in your /usr/local/etc/procmailrc to scan
  and quarantine email-born worms, based on your previous selections

That's it! I have one fellow developer who put it on his personal VPS
v2 and it's caught dozens of worms already. Each mail scanned is
flagged with a special email header:

    X-ClamAV: cleam

or if it's infected:

    X-ClamAV: (virus name) FOUND

It will also leave a summary entry in /var/log/procmail.clamav, which
looks like this:

    Possible virus W32/Yaha.g.dam FOUND
    From foo@xxxxxxx  Fri Aug 15 19:45:27 2003
     Subject: Fw: Joke Friendship to check  
      Folder: /home/joe/quarantine                              42846

It is possible to scan mail (and tag it with a special header) but do
nothing with it, so that clients can decide what to do with it (a lot
like spamassassin).

Anyone on this list with a VPS v2 is encouraged to install it and kick
it around. Please send any feedback you may have to me. Feel free to
discuss it with other list members as well.

Thanks,

Scott
-- 
Scott Wiersdorf
scottw@xxxxxxxxxxxx
======================================================================
Technical questions regarding this list may be sent to
<vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help
response by sending an email with the word 'help' (w/o quotes) in the
BODY of the message (subject is ignored) to <vps-mail-request@xxxxxxxxxxxx>.
======================================================================

Prev by Date: [vps-mail] (cross post) 'vps-mail' mailing list (formerly 'sa-beta')
Next by Date: Re: [vps-mail] scanning for viruses before spam
Previous by thread: [vps-mail] (cross post) 'vps-mail' mailing list (formerly 'sa-beta')
Next by thread: Re: [vps-mail] scanning for viruses before spam
Index(es):
- Date
- Thread

Main Index | Thread Index