[EMAIL PROTECTED] wrote: > Hello all. > > We've had some consultant make the spurious claim that Clam AV only scans for > 'windows viruses' and is really only useful for 'scanning email'. > Despite the fact that I know this to be patently false, is there > documentation out there I can slap him with that clearly indicates that the > virus > defs are for any platform, Linux, windows, Unix, Mac OS X, etc. ? I can prove > that it scans the file system just by sprinkling a few test viri things > out in the file system. Hard to argue with that sort of evidence. > > The rest of it, well, now it's personal. > As much as I like ClamAV and rely on it for scanning mail before it gets to our Exchange server, I wouldn't use it as my primary Windows solution. There are too many hooks necessary to get real-time scanning, internal Exchange scanning, and so on. The proper thing, in my opinion, is to build a multi-layer defense, using ClamAV on the MX servers checking incoming mail, and then using a different product on the Windows machines. This way, you get two different teams working on malware definitions, two different ways of looking a things, and two different timing cycles to make it more likely one of them will catch whatever's coming in.
In our case, we use ClamAV on the MX servers and run Symantec Corporate on the Windows servers, Windows desktops, and the Exchange server. I certainly understand the personal bit. Isn't it amazing how they'll pay attention to an outsider and discount everything you say? _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
