As far as I know, Avira has also discontinued their linux product.
We have augmented clamav with the sanesecurity signatures.
I just read about the interesting YARA project and am looking into
adding these rules also.
Also we block .js and the old microsoft office formats.
Up to now this seems to work quite well, we do not see anything relevant
get through.
On our customer's mail servers we partly run the kaspersky mail scanner
which works very well.
HTH, Jakob
Am 23.02.2016 um 19:50 schrieb Patrick Ben Koetter:
* Olivier CALVANO <[email protected]>:
what is the best antivirus engine for postfix/amavis ?
Because with clamav, we have a big quantity of crypto locker into our mail.
We run on CentOS 7
Good engines, which we have used in the past and would recommend are:
- Avira SAVAPI
- avast!
- Sophos
Reasons we think they are good:
- Fast
- Efficient
- Low False-Positive rate
- Low impact on system (they don't install a pletora of additional software)
- Good support
We tested and used others as well, but to they were crappy, instable and/or
the vendor left the UNIX market. Some didn't seem to be trustworthy enough to
let them handle our customers data.
You might want to check http://www.av-comparatives.org/ for regular surveys.
p@rick
