There is an awesome unix-based open source antivirus program called
clamav. It's at http://clamav.sourceforge.net. The virus definitions
are updated regularly and it was the first antivirus program that
detected this latest SCO virus (whatever they decided to call it -- it's
like naming astroids, I guess). Anyway, I used another nifty filtering
program called mimedefang (http://www.mimedefang.org) to integrate
clamav into sendmail. Now I have attachment filtering based on file
extension, and also basic antivirus scanning, right there inside
sendmail. Mimedefang uses the milter api, which allows it to do things
like rejecting connections based on content, black lists, etc.
I use amavisd-new (previously amavisd for a couple years) for scanning viruses and also filtering out spam (tagging it).
I have used Kaspersky, Trendmicro vscan (via Trophie), McAfee uvscan, and now ClamAV. I had just been running clamav, but due to the release of the new viruses this week, I decided I better tack another scanner back on and I put trendmicro back to work. I was sad to see Mimail.R get past clamav and get caught by trendmicro. (I've seen Trend miss some in the past too.) But, on the other hand, when I got to work this morning clamav had caught over 1000 of the SCO virus and that was by 8am.
Kaspersky was good, but won't run under SUSE 9.0 Pro AMD64, and I even own a license for it (time to move it to another server). They also changed their licensing to make it more expensive rather than just a linux desktop license, so I probably won't renew it when it expires.
Amavisd-new is pretty slick. It will tie into as many virus scanners as you want and also tie into SpamAssassin for spam tagging/filtering. I have used it with exim and now postfix. Postfix was the easier of the two to setup and amavisd-new basically installed itself and configured postfix when I told Yast2 I wanted it (both installed via Yast2).
With the newer deamonized virus scanners the virus scanning on the mail server can be done easily without much extra load. I had it running on a Celeron 400mhz until just last month and it was handly thousands of mail a day (plus thousands of spam too).
Anyway, just my 2 cents in case it helps anyone.
Chris
____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
