[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Amavis... interesting



Arjen,

I'm interested in possibly running Amavis on one of the two current or 2/3
planned boxes in our company.

Would you recommend it?

Is it relatively easy to set up?



One more question - this one's a bit strange!  One of our clients currently
uses a "Fortigate" router/firewall that has a key selling point of "content
scanning".  From what I can see this means that the box is basically some
kind of *NIX with the usual networking, etc., a packet filtering firewall
and a "webmin" front end.  The clever thing it does is transparently to
capture inbound and outbound SMTP connections, silently forwarding them on,
a bit like a proxy server, but then when the actual DATA command comes it
pulls aside the email, scans it for viruses, then forwards on the DATA
command (and the actual email).

This may not be quite exactly how they work, it is just what I think is
happening.


The point is that SMTP servers (like their MS Exchange box) need no extra
configuration and cannot bypass the security by accident or by design - all
their inbound and outbound email traffic is invisibly scanned and
quarantined if necessary.

They cost quite a lot of money, although they aren't too unreasonably
priced.  The thing is that we would like to offer cheaper options that are
more under our control rather than a closed-source OS/box.

Can Amavis or a similar package do that to your knowledge?

Thanks,
Carl

----- Original Message ----- 
From: "Arjen Runsink" <arjen@xxxxxxxxxxx>
To: "Al Bogner" <suse-linux@xxxxxxxxxxxxxxxxxxxxx>; <suse-security@xxxxxxxx>
Sent: Monday, January 19, 2004 9:03 PM
Subject: Re: [suse-security] Hi


> On Monday 19 January 2004 21:39, Al Bogner wrote:
>
> > When did you update F-Prot? With the patterns of F-Prot and Antivir
> > about 24hrs ago, the worm was not recognized, but now it is.
>
> amvis(d-new) with extension scanning turned on for another of the possible
> "hide something for the user trick" ie double extensions and *.exe filters
> out all current mail virii.
>
> BB, Arjen
>
>
> -- 
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here