I must add, I have been using ClamAV on a mail gateway for 800 users and have found
it very good. Stable while processing around 100,000 messages a month.
We use this as a gateway to a Domino system with Symantec on the Domino servers.
Not much gets through.
We are using File:Scan as well.
I cannot say exactly how many users we have, but it's a LOT more than 800. Anyway, I have found that clamd works well, but clamav-milter has given me problems on occasion. The most recent one was when I found that sendmail runs into blocking issues when it is calling clamav-milter over the inet socket, but seems to work perfectly when called over a local unix socket.
As far as the updates go, I use slackware and maintain my own packages. So when a new clamav comes out, I run my package builder script on my build host, then copy the package to the production server. Once the package is on the server, it's one command to install, and another to restart clamd.
I should also note that running MD and clamd is better for security anyway if you have md_copy_orig_msg_to_work_dir_as_mbox_file() in your filter_begin() before the virus scanner is called. This is because the message will be placed in the temp dir which will allow clamd's scanmail interface to parse the message, even though mimedefang has already broken out the mime parts. The idea is that two different mime parsers read each message which would make it more difficult to hide a virus in some broken mime.
schu _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
