<quote who="Theo Julienne"> > > Know any MTAs that write to disk during or before DATA? How are you > > going to guarantee that your MTA -> AV/SPAM protocol/connection won't > > fail? How do you communicate that failure to the MTA? What should the > > MTA do? What > > The current setup I'm working with is Exim using Exiscan-acl and Kaspersky > AVD/SpamAssassin.. It _does_ have this feature. The speed issue with virus > scanners that are used by, say, Amavis, is that the virus database is > loaded _every time_ you get a mail ( because they use the scanner, like > kavscanner ). This would obviously make checking at SMTP DATA time > useless. However, because this uses kavdaemon, which loads the virus > database once, the virus scanning is very fast ( and also extracts all > archives without a middle-man amavis setup - even faster ).
You need to research Amavis a bit more. :-) These days, it runs as a daemon and talks SMTP, loads and uses SpamAssassin modules directly, plus talks to all the AV daemons directly (or the command line clients and scanners). Its role is largely policy and response, as well as safe unpacking of archives when required. You haven't addressed the mid-DATA problems at all, though. > If we're going to scan our emails for spam/viruses, is there any _real_ > disadvantage to doing this at SMTP time? Yes - it's viciously unreliable. - Jeff -- GVADEC 2004: Kristiansand, Norway http://2004.guadec.org/ Corporate extortionism. Economic contortionism. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
