No, not Amavis. Amavis is just the middle-man. I'm talking about the virus scanners. Amavis does indeed run as a daemon - but it still runs command-line scanners ( kavscanner, etc ) which load the virus database each time - Kaspersky even recommends this daemonised approach for their AV software ( and really, they have made a _great_ piece of software ).You need to research Amavis a bit more. :-) These days, it runs as a daemon and talks SMTP, loads and uses SpamAssassin modules directly, plus talks to all the AV daemons directly (or the command line clients and scanners). Its role is largely policy and response, as well as safe unpacking of archives when required.
Why should Amavis be here extracting the files, when good virus programs like KAV can do it for you? Why do we have Amavis there acting as a middle-man, when we could be going directly? Fine, MTAs don't support it out of the box, but really, it's a much simpler and more efficiant solution than having a perl script daemon running there in the middle!
You haven't addressed the mid-DATA problems at all, though.It's not mid-data, it's post-data. But pre-telling-the-remote-mta-that-its-sent-perfectly ( eg DATA ends with "." -- after that, according to the SMTP protocol the mail server must, if the mail was sent correctly, send a "250 OK" message back -- simply, rather than sending the OK message, we send back error and say "don't send me viruses" or whatever -- most MTAs send this string back to the user that sent it ).
Providing everything is configured correctly - it's not unreliable. If the daemon turns off - mail is indeed rejected - but the sender is told that it's a temporary local problem and to try again. HOWEVER - this should _never_ happen!If we're going to scan our emails for spam/viruses, is there any _real_
disadvantage to doing this at SMTP time?
Yes - it's viciously unreliable.
--- Kind Regards,
Theo Julienne -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
