At 09:20 11/19/2004, Jason J. Ellingson wrote: >For those using my XMail AV filter for Win32, I thought I'd give you an >update on AV testing... > >I've been testing F-Prot, McAfee, and Sophos for a couple weeks now and >after several thousands of emails we have a definite winner... > >F-Prot is by far the fastest. It scans emails in 200-300ms. It hasn't >missed a single virus (I update the virus sigs hourly) and uses the least >amount of computer resources.
I currently use F-Prot as by "backup" virus scanner. It's probably caught, oh, somewhere around 10 virus emails this month (all that made it through my primary scanner). My primary scanner, however, is very efficient at catching viruses - it also catches quite a few spams and phishing emails... It's a little program I wrote that plugs in as a pre-data filter and tests the RDNS for a number of known patterns. For example: *dsl*.*.com *dsl*.*.net *dsl*.*.*.?? // catches a lot of stuff out of .JP and .BR *#.###.###.#* // where "#" represents a digit between 0 and 9, inclusive *#.##.###.#* // and other variations to catch IP addresses in RDNS names *dhcp*.*.com *dhcp*.*.net *dhcp*.*.*.?? And so on. Checks for patterns containing things like DSL, DHCP, CABLE, MODEM, DIAL, etc, as well as raw IP addresses (separated by periods or dashes). Eliminates a truly large number of viruses (before putting it in place, my virus scanner was catching probably 50 - 100 viruses per day (and missing who knows how many), now it's doing good to catch 10 per week). Something to think about, if you're in a position to implement it... - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
