Re: [exim] Suggestion for Antivirus to use with Exim
Luca Bertoncello via Exim-users (Di 27 Sep 2022 14:19:01
CEST):
> Currently, at office, we use Kaspersky, Avast and ClamAV as Antivirus
> programs.
> All these programs will be used within Exim, to check all inbound and
> outbound E-Mails.
> Now, we know, Kaspersky/Russia/problem/etc...
> So, we must search an alternative to Kaspersky.
I do not see any relation between the items above. But that is another
topic.
virustotal provides an API, it should require only little effort to
integrate this with Exim. (I'm not sure about implications for privacy.)
> Now the question to you: can someone suggest me one (or more!) product to
> use in enteprise context to protect our E-Mails?
> Very important: the scan _must_ be done within Exim to allow us to reject
> infected E-Mails.
"Within" Exim should work almost everything you can control via a simple
command line. Plus the some scanners that have a client built into Exim.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
signature.asc
Description: PGP signature
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Suggestion for Antivirus to use with Exim
Am 27.09.2022 14:59, schrieb Patrick Cernko via Exim-users: Hi Patrick I have successfully integrated WithSecure (F-Secure for Bussiness) Scanner a few weeks ago. Integration was done using the cmdline interface. I have a small shell script that does some additional analysis/logging but basically, I just use OK, I'm trying now to find how much the program costs... I think, I have to ask the people of withsecure.com Getting WithSecure installed on our servers was the harder part. Let me know, if you need help there. What were the problems? Thanks Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Suggestion for Antivirus to use with Exim
Hi Luca, On 27.09.22 14:19, Luca Bertoncello via Exim-users wrote: Hi list! Currently, at office, we use Kaspersky, Avast and ClamAV as Antivirus programs. All these programs will be used within Exim, to check all inbound and outbound E-Mails. Now, we know, Kaspersky/Russia/problem/etc... So, we must search an alternative to Kaspersky. Unfortunately, I didn't found anything that works good on Linux and have a good recognition rate. Now the question to you: can someone suggest me one (or more!) product to use in enteprise context to protect our E-Mails? Very important: the scan _must_ be done within Exim to allow us to reject infected E-Mails. I tried ESET, and it seems to work good, but unfortunately is not available anymore... I have successfully integrated WithSecure (F-Secure for Bussiness) Scanner a few weeks ago. Integration was done using the cmdline interface. I have a small shell script that does some additional analysis/logging but basically, I just use WITHSECURE_SOCKET = cmdline:\ /opt/f-secure/linuxsecurity/bin/fsanalyze %s:\ result=(infected|suspected):\ infection=([^ ]*) There are still some few mails only recognized by KLMS. I think you can always find a thread that is first recognized by one engine and only later by others. Also I had to tune the WithSecure settings a bit about archives. Getting WithSecure installed on our servers was the harder part. Let me know, if you need help there. Best, -- Patrick Cernko +49 681 9325 5815 Joint Scientific IT and Technical Service Max-Planck-Institute für Informatik & Softwaresysteme smime.p7s Description: S/MIME Cryptographic Signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Suggestion for Antivirus to use with Exim
Hi list! Currently, at office, we use Kaspersky, Avast and ClamAV as Antivirus programs. All these programs will be used within Exim, to check all inbound and outbound E-Mails. Now, we know, Kaspersky/Russia/problem/etc... So, we must search an alternative to Kaspersky. Unfortunately, I didn't found anything that works good on Linux and have a good recognition rate. Now the question to you: can someone suggest me one (or more!) product to use in enteprise context to protect our E-Mails? Very important: the scan _must_ be done within Exim to allow us to reject infected E-Mails. I tried ESET, and it seems to work good, but unfortunately is not available anymore... Thanks a lot for your suggestion! Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
