On Wed, 11 Aug 2004, Martin Konold wrote: > Well, we have integrated the clamav virus scanner in the Kolab (www.kolab.org) > groupware server and someone complained that it not acceptable security wise > to do automatic cron based freshclam updates by default. > > http://kolab.org/pipermail/kolab-devel/2004-August/001662.html > > I therefore wanted to know all security precautions.
I just skimmed through that thread. You don't seem to understand what the other person is asking. You seem to think they have the reasonable fear that someone could intentionally submit a bad signature, thereby causing your mailserver to reject ALL mail. I had the same fear before installing ClamAV, but it was alleviated by the fact that there is a very small group of people with the ability to add signatures, and all signatures are reviewed by hand. Furthermore, bad signatures can be removed fairly quickly, if anyone detects a false positive. Their actual argument is somewhat less reasonable. They don't want their computer doing anything automatic. For example, some of us configure our machines to automatically patch every night, since that will keep us up on security. Others worry about the occasional bad patch, and prefer to do things manually so they can test the patch on a non-production machine first. Essentially this person is claiming they will test each signature on a non-production machine first. Of course, with viruses the timescale is measured in minutes or hours, while security patches are measured in days. It is not reasonable to test a signature before putting it into production. Besides, I would argue that he is not competent to adequately test the signatures anyway. So... keep freshclam in cron and ignore the loud idiot -- just as you have done. Damian Menscher -- -=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| <[EMAIL PROTECTED]> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
