; I'm interested, which MIME decoder is better: ; - ClamAV's built-in, written by Nigel Horne ; - ripMIME, written by Paul L Daniels
Of the two, ripMIME is significantly better - but gmime would be my first choice. The biggest operational problem I have with the built-in one is that it doesn't appear to have been written with security and resilience in mind. It's been getting better as patches come in to remove asserts on user input but it is still, for example, trivial to get a virus through a Clam scanner just by putting it 10 levels down in nested MIME. The whole approach to writing a MIME decoder for this type of application needs to be right from the start. I've just finished a big implementation of Sendmail Inc.'s AV solution (which uses Sendmail's own MIME decoder and the McAfee engine) and it is rock solid - if I run the same test suite against Clam then it either fails the tests or exits because of an assert. This is down to the MIME decoder, not the AV engine itself which is very reliable. Andy ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Clamav-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-devel
