> Having looked into this a bit ago, I wouldn't say the OpenAV code is > exactly how I would have designed it... you run a daemon that you TCP > into and send the files through. This might be a nice design if you > want to off-load the processing to another box (or cluster them since > like Jason says, Virus scanning can take a huge load), but it doesn't > make it very easy to bundle. > Still looking, Serge is faster than me ;) > You have to be pretty judicious about what gets scanned, which then > leads to possibly not having things fall through the holes. > Maybe as a > simple approach we have a mailet that uses the remote (or > local for that > matter) daemon to scan for viruses, rather than trying to bundle the > code. I think most mail server virus scanners are add-ons anyway, so > this may not be too bad... include a mailet and a HOWTO. > > While it's great to have this free, I do wonder about the value of > slightly outdated virus definition files. I'd be interested > to see if > most viruses that get stopped by the commercial vendors are > the current > ones or if it's more just unknowing/unprotected users sending > around old > ones. > When I ran a site with large daily mail volume and we checked for virii, we tended to get the flavour-of-the-moment ones. So things like Klez etc. Old ones will eventually get pushed out of the system. Fresher pattern files are always the best. Remember the speed that Melissa spread with? Like they say on the OpenAV site - don't rely it yet.
> -- > Serge Knystautas > Loki Technologies - Unstoppable Websites http://www.lokitech.com > > > -- > To unsubscribe, e-mail: > <mailto:james-dev-> [EMAIL PROTECTED]> > For > additional commands, > e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
